[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: create password in postinst

On Sun, Feb 05, 2006 at 10:58:00AM -0500, Anthony DeRobertis wrote:
> Daniel Knabl wrote:
> >  ask the user for a password via debconf (store in $CLEARPASS)
> >  and then do HASH=`mkpasswd -S 35348090 -H md5 $CLEARPASS` and
> >  afterwards the usual sed -e "s/default/"$HASH"/;" ...
> No, that's not ok. First off, any "funny" characters in the password
> will cause errors. Second, and probably more important, any user running
> 'ps' will be able to read the plain-text password.
> If you want to use mkpasswd, read about its -P and -s options. Pipe the
> password to it. [But don't use /bin/echo for that; same problem...] Not
> quite sure how to pull that off in sh, maybe someone will have
> suggestions...
Does this work?

	mkpasswdd -H md5 -S 35348090 -s <<EOF
Why the constant hash, anyway?  Doesn't that destroy the purpose of


Reply to: