On Tue, 2003-12-16 at 10:24, Craig White wrote: > On Tue, 2003-12-16 at 10:02, Liberty Young wrote: > > On Mon, 2003-12-15 at 15:11, Jeremy C. Reed wrote: > > > On Mon, 15 Dec 2003, Liberty Young wrote: > > > > > > > i'm setting up an ftp server (against my wishes) and i'm need to make my > > > > own /etc/passwd clone as the ftp server can use an alternate passwd > > > > file. I'm having trouble creating it, though...how do i crypt the > > > > passwords in the password field? > > > > > > A perl example: > > > > > > $name = $ARGV[0]; > > > @salt_chars = ('a'..'z','A'..'Z','0'..'9'); > > > $salt = $salt_chars[rand(62)] . $salt_chars[rand(62)]; > > > $passwd = crypt ($ARGV[1], $salt); > > > print "$name:$passwd\n"; > > > > > > You can also use Apache's htpasswd. (And maybe proftpd's ftpasswd.) > > > > > > And some systems have a makekey(8) and/or encrypt(1) commands that can be > > > used to create hashed passwords. > > > > > > By the way, what FTP server are you using and how did you configure it to > > > use an alternative password file? > > > > > > Jeremy C. Reed > > > http://www.reedmedia.net/ > > > > I'm using ProFTPd. It has a AuthUsersFile and an AuthgroupsFile > > directive that can specify an alternate /etc/passwd file to use...It > > would work out _perfectly_, if only it would behave intuitively in > > regards to chroot (DefaultRoot). Instead, I have to chroot all of my > > virtual users (ftp only, with no accounts at all on the system) in one > > ftp directory.. Then, in the virtual directory, place another fake > > /etc/passwd in that (but which is not the alternate passwd file), which > > is then used to pop logged in users to their "home directory". > > > ---- > couldn't you just use the normal passwd to add the user, then create a > password and copy the user user from /etc/passwd and the password from > /etc/shadow into the new virtual passwd file and then delete the user > from the normal system? > > Craig > these other replies where late in coming to me, so that's what i ended up doing...though had i known this stuff, i would've done those things first..then i wouldn't have to worry about dangling or left-over info from the previous users laying about.