[plug] Password checking ..
Greg Mildenhall
assassin at live.wasp.net.au
Thu Jul 12 12:07:36 WST 2001
On Thu, 12 Jul 2001, Brian Tombleson wrote:
> I need to check that a user's password is the same and correct on two
> seperate systems (RH6.2).
You can't decrypt the password from the crypted version in the shadow
file. You can't even necessarily compare the two crypted versions, because
any decent password encryption system will come up with different crypted
versions if you crypt the same password twice.
In short: you're out of luck. (unless your crypt always crypts the same
password to the same encryped string, in which case replace it. :)
Since you can't _test_ that the two are the same, you may have to
_enforce_ that they are the same. You can do that by copying the crypted
text from one shadow file to the other, or via more sophisticated means
such as NIS.
-Greg Mildenhall
More information about the plug
mailing list