[Tutor] passwords

Danny Yoo dyoo@hkn.eecs.berkeley.edu
Mon, 11 Feb 2002 10:33:57 -0800 (PST)


On Sun, 10 Feb 2002, kirk Bailey wrote:

> no kidding unix shell passwords. wencrypted in the database of all
> users in critter.

By the way: many Unix systems will often keep the passwords in a separate
file called '/etc/shadow' for security reasons.  If you see that your
/etc/passwd file has no passwords in it, then this is a sign that your
system is using the shadow password system.



> I already know about the passwd command, it is interactive. IT talks
> back, I bet that could bark at the script real fine.

You may want to be careful that, at most, only one program is touching the
password file at any given time.  The 'vipw' appears to do this, but I'd
have to look at its source code to see how it's doing it.



> so far the only things in python dealing with paswords GET them from
> the user and compare them to the stored password for equality.

You'll want to look at:

    http://www.python.org/doc/lib/module-crypt.html

for information on the crypt() function.  crypt() provides access to the
password-making function your system uses to transform plaintext
passwords.


Good luck to you!