Earlier, I was asked if I had any good solutions for scripting a user account generator in bash -- asking the user what they had already, I received:
useradd -n -g users -p [password] -s /bin/false [username]
I asked what the problem seemed to be, and the response was the password didn't seem to work -- if they used 'passwd' interactively, it'd work -- but unattended, it failed.
Having a look at the useradd manual, we see:
-p -- The encrypted password, as returned by crypt(3).
After trying various combinations - I thought about OpenSSL. What if I gave it the password and got it to do the crypt work first, then fed the encrypted string to useradd?
Something like:
#!/bin/bash
clear="[password]"
crypt="openssl passwd -crypt $clear"
success="0"
failure="1"
useradd -n -g users -p $crypt -s /bin/false [username]
exit $?
Cut and Paste the above into a script and instantly you have a semi-autonomous way of adding generated (or defined) passwords to your machine, all with the help of OpenSSL.
No comments:
Post a Comment