[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: password generator

To: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Subject: Re: password generator
From: suffocator@gmx.de
Date: Fri, 3 Oct 2003 20:53:28 +0200 (MEST)
Cc: openldap-software@OpenLDAP.org
References: <HBF.20031003cccu@bombur.uio.no>

hi all,

thanks for giving some hints, at least i decided to try to write a script on
my own and it worked for me. first there´s a script that is based on pwgen
(thanks to ace) and generates plain passwords into  file1. second there´s a 
script that generates crypted passwords from the plain passwords in file1
({ssha}) and puts them in file2. now i have plain passwords to send it via
email and crypted passwords to put them into my ldif.

@hallvard: thanks for the script and your suggestions, i certainly will
crypt
all mail and use our existing mail-infrastructure ;)

if you´re interested in the scripts:

1: pwgen_loop.sh:
---------------------

#!/bin/bash
COUNTER=1;
LIMIT=80000;

while [ $COUNTER -le "$LIMIT" ]
do
        /usr/bin/pwgen ql 6 >> /root/pw_list
        COUNTER=$(($COUNTER+1))
done

2. slappw_loop.sh
---------------------

#!/bin/bash
COUNTER=1;
LIMIT=80000;
PASSWD=$(/bin/sed -e "$COUNTER!d" /root/pw_list)

while [ $COUNTER -le "$LIMIT" ]
do
        /usr/sbin/slappasswd -s $PASSWD >> /root/pw_list_ssha

        COUNTER=$(($COUNTER+1))
        PASSWD=$(/bin/sed -e "$COUNTER!d" /root/pw_list)
done

bye & cheers,

magnus

> suffocator@gmx.de writes:
> > does anyone know how to automatically generate a password for 
> > every user in a database?
> 
> # This is Larry Wall's password program, somewhat rewritten.  I couldn't
> # find it on the net, and our version is rather Norwegian, but there
> # is a 'goodenough' routine you can probably use.
> # in http://ftp.se.kde.org/pub/security/tools/password/yppapasswd/.
> require "passwd.pl";
> 
> my @passwd_chars =
>     ('a'..'z', 'A'..'Z', 0..9, '-', '+', '?', '=', '*', '(', ')',
>      '/', '&', '%', "\#", '"', '_', '!', ',', ';', '.', ':');
> my (@passwd_salt) = ('.', '/', '0'..'9', 'a'..'z', 'A'..'Z');
> 
> sub make_passwd {
>     my $pass;
>     do {
> 	$pass = "";
> 	$pass .= $passwd_salt[rand(scalar(@passwd_salt))]
> 	    while length($pass) < 8;
>     } while (! &passwd::goodenough($pass));
>     return ($pass, crypt($pass,   $passwd_salt[rand(scalar(@passwd_salt))]
> 				. $passwd_salt[rand(scalar(@passwd_salt))]);
> }
> 
> > another problem is that i need every password in plain text to send
> > this initial password via email to every user...
> 
> You shouldn't.  E-mail is insecure, snoopers can pick up passwords you
> send that way.  Besides, how will the users read their e-mail if they
> need the new passwords - which they don't know yet - to log in?
> 
> -- 
> Hallvard
> 

-- 
support our band!!!
visit http://www.humanbastard.de

support the search for extraterrestrial intelligence!
visit http://setiathome.berkeley.edu

NEU FÜR ALLE - GMX MediaCenter - für Fotos, Musik, Dateien...
Fotoalbum, File Sharing, MMS, Multimedia-Gruß, GMX FotoService

Jetzt kostenlos anmelden unter http://www.gmx.net

+++ GMX - die erste Adresse für Mail, Message, More! +++

References:
- Re: password generator
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Master LDAP and Small part replicated
Next by Date: use of bdb cachesize property
Index(es):
- Chronological
- Thread