Checking Unix Passwords

[iaresean]

Hey all,

I have a web page that utilizes suidperl. At the moment I am using .htaccess to restrict access to the page but I would like to switch over to using session's instead.

Is it possible to check retrieve a unix users password and check it against the username and password supplied. We use md5 encryption I think. I know how to work with md5 encryption but I do not know how to fetch the password from unix/linux.

linux rh9 + perl5.

Thanks a bunch to any and all help regarding this matter!

Sean.

 

[MikeLacey]

sean hi,

have a look at the crypt() function, that should do what you need

Mike

Want to get great answers to your Tek-Tips questions? Have a look at faq219-2884

It's like this; even samurai have teddy bears, and even teddy bears get drunk.

 

[iaresean]

MikeLacey-->

Is this just an encryption tool or is it able to retrieve the encrypted version of unix user's passwords? I have created a user named DAG on the unix server with a password : *****.

I want the user to enter the username (has to be DAG) and password (DAG's password) and then I want to check to see if the password is correct, then I want the user to be effectively logged in to the box via the suidperl script as user DAG. (Thereby having all of DAG's permissions)

Thanks for any and all help, suggestions, links etc...

Sean.

 

[iaresean]

WOW!

I did a bit of research and it seems like it is exactly what I need:

($name,$passwd,$uid,$gid,$quota,$comment,$gcos,$dir,$shell) = getpwnam('DAG');

This retrieves all the data for the user DAG. I just have to figure out what type of encryption we used for the linux users passwords.

Sean.