tercel04 has asked for the wisdom of the Perl Monks concerning the following question:

Hello, I am trying to write a script that does this: <user> <password>
<user> is valid
Basiscally i want the script to validate the command line inputs against the NIS passwords.
Is there a perl module that can do this?

I was thinking, even if i could get a hash of <password> I could match it against the /etc/password entry.
Any thoughts??

Replies are listed 'Best First'.
Re: Perl NIS authentication
by archfool (Monk) on Jun 28, 2007 at 17:20 UTC
    Can't you just do a getpwnam and getpwuid and a crypt? NIS is just like files to any program on the OS.
      I did not try that. But I got it to work this way
      use APR::Util();
      @hashpasswd = split(":",chomp($yppasswd = `ypcat passwd | grep $user:`));
      $ok = APR::Util::password_validate($passwd, $hashpasswd\1\); if($ok == 1) { ## Valid User
      }else { ## Invalid user
      Thanks for the reply!
Re: Perl NIS authentication
by idsfa (Vicar) on Jun 29, 2007 at 13:39 UTC

    Just thought that I would point out that this is a bad idea. The passwords you feed it on the command line will be visible as plain text in your shell's history file as well as in the process listing (ps). It would be much safer to feed sensitive information via STDIN.

    Also, your "solution" code can fail quite easily. Consider what happens for the users alice and malice.

    You may want to look at Authen::Simple::NIS.

    use Authen::Simple::NIS; my $nis = Authen::Simple::NIS->new; if ( $nis->authenticate( $username, $password ) ) { # successfull authentication }

    The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon