HPE Community
Operating System - HP-UX
1836639 Members
1810 Online
110102 Solutions
New Discussion

Password echo on non-trusted system

 
Dek_1
Advisor

‎08-29-2005 10:19 PM

‎08-29-2005 10:19 PM

Password echo on non-trusted system

Is it possible to turn on the echo from a password change on a non-trusted system ?

We have users who are very worried when nothing appears when they are changing their passwords.
I would like an '*' or even '***' to appear as each character is entered.
0 Kudos
7 REPLIES 7
Pedro Cirne
Esteemed Contributor

‎08-29-2005 10:35 PM

‎08-29-2005 10:35 PM

Re: Password echo on non-trusted system

Hi,

I don't think there is a way to have *** when changing passwords...

Maybe your users should relax by having a cup-of-tea before changing passwords :-))

Enjoy :)

Pedro
0 Kudos
Dek_1
Advisor

‎08-29-2005 10:54 PM

‎08-29-2005 10:54 PM

Re: Password echo on non-trusted system

I like the cup of tea - but I think some of them need a valium ;-0

Thanks for the reply. I suspected that is was the case.
0 Kudos
Jannik
Honored Contributor

‎08-30-2005 01:17 AM

‎08-30-2005 01:17 AM

Re: Password echo on non-trusted system

This perl script will do it in clear text:
#!/usr/bin/perl -w

use FileHandle;
use strict;

my $PASSWD='/etc/passwd';
my $change=0;

die ("usage: $^X username password\n") unless ($#ARGV == 1);

$SIG{'ALRM'}=$SIG{'HUP'}=
$SIG{'INT'}=$SIG{'QUIT'}=
$SIG{'TERM'}=$SIG{'TSTP'}=
$SIG{'TSTP'}=$SIG{'TTOU'}='IGNORE';

sysopen HANDLE, "$PASSWD.xx", O_WRONLY|O_CREAT|O_EXCL, 0644
or die("No open: $!");
link "$PASSWD.xx","$PASSWD.x"
or die ("No link: $!");
unlink "$PASSWD.xx" or die ("No unlink: $!");
sysopen PASSWD, "$PASSWD", O_RDONLY|O_EXCL or die ("No RO open: $!");
while () {
chop;
my ($login,$passwd,$uid,$gid,$gcos, $home, $shell)=split /:/;

if($login eq $ARGV[0]) {
srand(time()^($$+($$ <<15 )));
my $salt=pack("cc",65+int(rand(60)),65+int(rand(60)));
$passwd=crypt($ARGV[1],$salt);
$change++;
};

print HANDLE "$login:$passwd:$uid:$gid:$gcos:$home:$shell\n";
}
unlink "$PASSWD.old";
link("$PASSWD","$PASSWD.OLD");
close(HANDLE);
rename "$PASSWD.x","$PASSWD";
close(PASSWD);
print "Changed $change password(s)\n";
jaton
0 Kudos
Dek_1
Advisor

‎08-30-2005 02:16 AM

‎08-30-2005 02:16 AM

Re: Password echo on non-trusted system

Thanks for the script. In the circumstances we have I really need to have it done by HPUX directly as I can see the script being a source of problems - non-computer more management.

As I suspect it is not available to us so we will need to teach the users what to expect.
0 Kudos
Pedro Cirne
Esteemed Contributor

‎08-30-2005 02:24 AM

‎08-30-2005 02:24 AM

Re: Password echo on non-trusted system

Hi Peter,

Give us some points :P

Thks!

Pedro
0 Kudos
Simon Hargrave
Honored Contributor

‎08-30-2005 02:42 AM

‎08-30-2005 02:42 AM

Re: Password echo on non-trusted system

If you are really adamant to please your users in this way, you could write a replacement passwd facility, and plumb this into PAM.

It won't be easy though, especially if you don't know pam.

See "man pam" for a brief overview.

You could even change it to tell the user to get a cup of tea before typing their password ;)
0 Kudos
Dek_1
Advisor

‎08-30-2005 03:37 AM

‎08-30-2005 03:37 AM

Re: Password echo on non-trusted system

Thanks for those who replied. As I said I will just educate my users - and maybe start to brew more cups of tea.

mmmmm Didn't that lead to some problems in the 'Hitchhikers Guide to the Universe' ? ;-))
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.