Linux password manipulation in Python

[John Krukoff]

You probably want to look at man 3 crypt. Since every current linux
distribution that I know of uses MD5 sums to encrypt its passwords you
probably need to make use of the bit of magic mentioned near the bottom
of the page (and by another poster talking about perl webmin scripts),
under 'GNU EXTENSION'.

On my box (gentoo):
	
	# grep jkrukoff /etc/shadow
	jkrukoff:$1$TR8v8QBY$/RuCh8wlK.aHczufkXFbZ/:12129:0:99999:7:::

	# python
	>>> from crypt import crypt
	>>> crypt( 'bob', '$1$TR8v8QBY$' )
	'$1$TR8v8QBY$/RuCh8wlK.aHczufkXFbZ/'

Where the salt begins with '$1$', is a maximum of eight characters and
is optionally terminated by a '$'. Needless to say, this probably isn't
very portable.

I would guess that the only way to attempt to work with passwords
portably would probably be to wrap the passwd command. Still, it must be
a difficult problem as I haven't seen a configure script yet that will
create all required users for you... Anybody know a portable way to set
a password?

On Mon, 2003-03-17 at 11:30, Gary Herron wrote:
> Hi,
> 
> This may be more of a Linux than Python question, but I'll try asking
> it here first.
> 
> How does one deal with encrypted passwords on a Linux system which
> uses shadow passwords?
> 
> The 'crypt' module has an example in its documentation of encrypting a
> password (and then comparing to the contents of the /etc/passwd file),
> but that example explicitly states it does not support shadow
> passwords.  And when I use crypt to encrypt a known password, I do not
> get anything like the contents of the /etc/shadow file.
> 
> Thanks for any help,
> 
> Gary Herron
-- 
John Krukoff <jkrukoff at ltgc.com>
Land Title Guarantee Company
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: This is a digitally signed message part
URL: <http://mail.python.org/pipermail/python-list/attachments/20030317/27c3a4e7/attachment.sig>