From root@odie.hrz.uni-bielefeld.de  Mon Jun 19 05:23:12 2000
Return-Path: <root@odie.hrz.uni-bielefeld.de>
Received: from mail.uni-bielefeld.de (mail2.uni-bielefeld.de [129.70.4.90])
	by hub.freebsd.org (Postfix) with ESMTP id EFC2337B517
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 19 Jun 2000 05:23:06 -0700 (PDT)
	(envelope-from root@odie.hrz.uni-bielefeld.de)
Received: from odie.hrz.uni-bielefeld.de
 (odie.hrz.uni-bielefeld.de [129.70.5.87])
 by mail.uni-bielefeld.de (Sun Internet Mail Server
 sims.4.0.2000.05.17.04.13.p6)
 with ESMTP id <0FWE00LGGIEHO5@mail.uni-bielefeld.de> for
 FreeBSD-gnats-submit@freebsd.org; Mon, 19 Jun 2000 14:23:05 +0200 (MET DST)
Received: (from root@localhost)	by odie.hrz.uni-bielefeld.de (8.9.3/8.9.3)
 id OAA02232; Mon, 19 Jun 2000 14:23:04 +0200 (CEST envelope-from root)
Message-Id: <200006191223.OAA02232@odie.hrz.uni-bielefeld.de>
Date: Mon, 19 Jun 2000 14:23:04 +0200 (CEST)
From: root@uni-bielefeld.de
Sender: root@odie.hrz.uni-bielefeld.de
Reply-To: lars.koeller@uni-bielefeld.de
To: FreeBSD-gnats-submit@freebsd.org
Subject: makekey accepts only 8-byte Passwords (noninteractive password change)
X-Send-Pr-Version: 3.2

>Number:         19375
>Category:       bin
>Synopsis:       makekey accepts only 8-byte password
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jun 19 05:30:01 PDT 2000
>Closed-Date:    Sat Jul 21 20:50:50 PDT 2001
>Last-Modified:  Sat Jul 21 20:51:46 PDT 2001
>Originator:     Charlie &
>Release:        FreeBSD 3.4-RELEASE i386
>Organization:
Computing Center, University of Bielefeld, Germany
>Environment:

	Freebsd 3.4-RELEASE i386

>Description:

	There is the need to change user passwords non-interactively over a
	privisioning system.

	adduser: does nothing cause the user exists
	chpass : interactively reads from /dev/tty
		 or you need makekey to encrypt the passwd
	passwd : only interactive usable

	So the focus came to makekey, which reads a fixed length of 8 chars
	for the password and 2 chars for the salt. So one can't set a 7 byte
	pasword.

	Also the documentation isn't very usefull.

>How-To-Repeat:

	/usr/libexec/makekey

>Fix:
A very complicated "hack" is

	  echo -e "secret\0\0Sa" | /usr/libexec/makekey

	this is equivalent to

	  echo -e "secret\0 Sa" | /usr/libexec/makekey

	cause the \0 ist the implicit end of string in C.
	
	The very best would be an adduser script which allows the change of
	the password with a flag, like

	adduser -c -p <clear-text-password>

	or a chpass with this option. Sure, it's better to transfer the 
	password encrypted, but than we need a better makekey to do the job.

>Release-Note:
>Audit-Trail:

From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
To: lars.koeller@uni-bielefeld.de
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: bin/19375: makekey accepts only 8-byte Passwords (noninteractive password change)
Date: Mon, 19 Jun 2000 13:21:05 -0400 (EDT)

 <<On Mon, 19 Jun 2000 14:23:04 +0200 (CEST), root@uni-bielefeld.de said:
 
 > 	There is the need to change user passwords non-interactively over a
 > 	privisioning system.
 
 perl -e 'print crypt(foo, bar);'
 
 -GAWollman
 
 
State-Changed-From-To: open->closed 
State-Changed-By: mike 
State-Changed-When: Sat Jul 21 20:50:50 PDT 2001 
State-Changed-Why:  

This is a question, not a problem report.  In any event, wollman 
answered the originator's question; see the Audit-Trail. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=19375 
>Unformatted:
