My apologies for the delayed summary, but I felt that a summary should include the solution...;-}) Thanks for the many hints. With suggestions from several list members, the following script was what our resident Perl programmer came up with: *************** #!/usr/local/bin/perl ############################################################################ # # Automated password change with password generator, to be run by root # # Name: chpass # Params: user - Name of the user whose password is to be changed # Purpose: Generate & Encrypt a new password. Encrypt so that the # password can be placed directly in the shadow file. # Return: The unencrypted password # ############################################################################ $shadow = "/etc/shadow"; $user = shift; # User to change password @passwd = split /:/, &genpass; # New password $pwd = $passwd[1]; # Encrypted password open SHADOW, $shadow || die "Could not open shadow"; @lines = <SHADOW>; # Read in all lines of the shadow file foreach $line (@lines) { if ($line =~ /$user:/) { # Match for desired user ($user) $line =~ s/:(\w*|\W*)+:/:$pwd:/; # Substitute password with new one } } close SHADOW || die "Close failed"; # Close the original shadow file `chmod o+w $shadow`; # Set permissions to read only open SHADOW, ">" . $shadow || "Could not open shadow"; print SHADOW @lines; # Print array to temp shadow file. close SHADOW || die "Close failed"; `chmod o-w $shadow`; # Set permissions to read only print $passwd[0], "\n"; ############################################################################ # # Name: genpass # Params: (none) # Purpose: Generates a password and encrypt it so that the passwd # field can be placed directly in the shadow file. # Return: Returns a string with the password and the encrypted string # separated by a semi-colon # ############################################################################ sub genpass { srand(time() ^ ($$ + ($$ << 15)) ); # Sets seed for random number $secret = ""; # Will hold generated password while (! ($secret =~ /\w{10}/)) { # Loop generates 10 characters $roll = int(rand 255); $char = chr($roll); if ($char =~ /\w{1}/) { $secret = $secret . $char; } } $passwd = substr($secret, 2,10); # Actual password $salt = $secret; # Used in the encryption function return $passwd . ":" . crypt($passwd, $salt); # Return string } exit; ***************************************** Original question: I am looking for a way to generate a password (ideally relatively difficult to guess) within a script to run on a Solaris 2.6 machine. Any ideas on how this could be done? Thanks.... Stan Pietkiewicz Stan.Pietkiewicz@statcan.ca Informatics Technology Services Division - Statistics Canada It may be statistically possible that my opinion is the same as someone else's - but it is still my opinion! _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Mon Jul 15 14:10:41 2002
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:49 EST