Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much
 
PerlMonks  

Perl NIS authentication

by tercel04 (Initiate)
on Jun 28, 2007 at 16:51 UTC ( [id://623946]=perlquestion: print w/replies, xml ) Need Help??

tercel04 has asked for the wisdom of the Perl Monks concerning the following question:

Hello, I am trying to write a script that does this:
#verifyuser.pl <user> <password>
<user> is valid
Basiscally i want the script to validate the command line inputs against the NIS passwords.
Is there a perl module that can do this?

I was thinking, even if i could get a hash of <password> I could match it against the /etc/password entry.
Any thoughts??

Replies are listed 'Best First'.
Re: Perl NIS authentication
by archfool (Monk) on Jun 28, 2007 at 17:20 UTC
    Can't you just do a getpwnam and getpwuid and a crypt? NIS is just like files to any program on the OS.
      I did not try that. But I got it to work this way
      use APR::Util();
      @hashpasswd = split(":",chomp($yppasswd = `ypcat passwd | grep $user:`));
      $ok = APR::Util::password_validate($passwd, $hashpasswd\1\); if($ok == 1) { ## Valid User
      }else { ## Invalid user
      }
      Thanks for the reply!
Re: Perl NIS authentication
by idsfa (Vicar) on Jun 29, 2007 at 13:39 UTC

    Just thought that I would point out that this is a bad idea. The passwords you feed it on the command line will be visible as plain text in your shell's history file as well as in the process listing (ps). It would be much safer to feed sensitive information via STDIN.

    Also, your "solution" code can fail quite easily. Consider what happens for the users alice and malice.

    You may want to look at Authen::Simple::NIS.

    use Authen::Simple::NIS; my $nis = Authen::Simple::NIS->new; if ( $nis->authenticate( $username, $password ) ) { # successfull authentication }

    The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://623946]
Approved by wfsp
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others scrutinizing the Monastery: (4)
As of 2024-03-28 15:24 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found