Re: create password in postinst
On Sun, Feb 05, 2006 at 10:58:00AM -0500, Anthony DeRobertis wrote:
> Daniel Knabl wrote:
>
> > ask the user for a password via debconf (store in $CLEARPASS)
> > and then do HASH=`mkpasswd -S 35348090 -H md5 $CLEARPASS` and
> > afterwards the usual sed -e "s/default/"$HASH"/;" ...
>
> No, that's not ok. First off, any "funny" characters in the password
> will cause errors. Second, and probably more important, any user running
> 'ps' will be able to read the plain-text password.
>
> If you want to use mkpasswd, read about its -P and -s options. Pipe the
> password to it. [But don't use /bin/echo for that; same problem...] Not
> quite sure how to pull that off in sh, maybe someone will have
> suggestions...
Does this work?
mkpasswdd -H md5 -S 35348090 -s <<EOF
$password
EOF
Why the constant hash, anyway? Doesn't that destroy the purpose of
it?
Justin
Reply to: