Verify user password

Polytropon freebsd at edvax.de
Sat Aug 15 18:49:21 UTC 2020


On Sat, 15 Aug 2020 12:39:06 +0000, Grzegorz Junka wrote:
> How can I verify if a given password matches the password stored in 
> master.passwd database for a user account that is set up with 
> /nonexistent and /usr/sbin/nologin (so a user that can't normally login 
> to the system but still can have a password stored in the database)?

First of all, /nonexistent and /usr/sbin/nologin have different
purposes: if after a successful login the user's interactive shell
is to be executed, /nonexistent leads to a "cannot find that program
to execute, exiting right now" situation, while /usr/sbin/nologin
can actually be executed and then displays an error message and
exits, terminating the session.

See "man 1 login" and "man 1 nologin" for details.

Regarding password verification:

If you have read access to /etc/master.passwd and the clear text
password of a user, you can use the crypt() function to generate
the encrypted password, and then compare that. I think that is
what you try to do, correct?

provided: 	plain-text password P from somewhere
		encrypted password E from /etc/master.passwd

intended:	is crypt(P) == E?

approach:	P' = crypt(P)
		test if P' == S

This is of course very simplified. :-)

See "man 5 passwd" and especially "man 3 crypt" for details.


-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...


More information about the freebsd-questions mailing list