Solved

How do I verify a password in Solaris 9 default install without using it ?  I need to script this.

Posted on 2008-10-01
9
352 Views
Last Modified: 2013-11-13
Long story short, I create a LOT of temp accounts for short term programmers from other lands.

What is the easiest way to verify they have an account and the password works WITHOUT using it.

I would like to create a little script that zips though.  

su  does not seem to behave well in a script :)


0
Comment
Question by:itguy411
  • 2
  • 2
  • 2
  • +2
9 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 22618692
Do you know what the password for the accounts is or will you have to guess it?
0
 

Author Comment

by:itguy411
ID: 22619201
I know it.  

I create it

0
 
LVL 48

Accepted Solution

by:
Tintin earned 300 total points
ID: 22619344
In that case, you can verify the account exists by doing

grep username: /etc/passwd

for the password, you need to extract the encrypted password from /etc/shadow and then run it through the following perl script, eg:

chkpass.pl  somepasswd a3bL.vfoZZTk6
#!/usr/bin/perl
my ($pass,$encrypted) = @ARGV;
print "Match\n" if (crypt($pass,$encrypted) eq $encrypted);

Open in new window

0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 34

Expert Comment

by:Duncan Roe
ID: 22619353
If using shadow passwords, you need to be root because you have to verify passwords against /etc/shadow. Then you can run through /etc/passwd. Might be best to do with a C program - doing it in a script could be a bit of an ask
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 22619364
Ok perl will do it
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 22620125
if ftp is enabled for these users (which is the default) then you may use ftp client to access and get some file. e.g. you can use


wget ftp://servername/etc/hosts --ftp-user=username --ftp-password=password

here link to download wget if you don't have it already installed:

ftp://ftp.sunfreeware.com/pub/freeware/sparc/9/wget-1.11.4-sol9-sparc-local.gz

please check the site for dependencies

(I know, it is not the best way to do so)
0
 
LVL 6

Expert Comment

by:peter991
ID: 22622219
It could be a risk running a script or command with username/password as an argument.
If someone makes an '$>ps -ef' during this short time they will probably see a password or worse, username and password.

I wish I had and waterproof answer but at the moment I don't.
At least you could run these tests on a closed machine where only you have access?
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 22622425
the test can be run from a remote system where no users are using it
0
 

Author Closing Comment

by:itguy411
ID: 31502136
This does work  
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Weird Samba Connectivity Issue... 7 39
How to make a Bash alias that takes parameters 5 53
SonarQube on Linux vs Windows 3 23
SQL Insert parts by customer 12 31
Whether you've completed a degree in computer sciences or you're a self-taught programmer, writing your first lines of code in the real world is always a challenge. Here are some of the most common pitfalls for new programmers.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now