Fuck you Linux! I thought user password validation would be a piece of cake, like bash one liner. How wrong could I be!

Yeah, it's already ugly to grep hash and salt from /etc/shadow, but I could accept that. But then give me a friggin' tool to generate the hash. And of course the distro I chose has the wrong makepswd, OpenSSL is too old to have the new SHA-512 built in, as it should be a minimal installation I don't want to use perl or python...
And the stupid crypto function that would do me the job is even included in glibc. So it's only one line of C-code to give me all I want, but there is no package that would provide me this dull binary? Instead I will have to compile it myself and then again remove the compiler to keep image small?

  • 0
    What kind of user validation?
  • 0
    @linuxxx Just a 'simple' password match. Or rather hash match of course. - Code is public domain like that: https://akkadia.org/drepper/... - or as it is in glibc you can just call the crypt function... But why zum Blitzkriegdonnerwetter is there no tool that would supply this? (mkpasswd like on Debian is not available on CentOS.) Are we not supposed to check passwords in userspace or what?

    I mean we have this crazy abundance of this little tools. Historically grown, so we have useradd an adduser with subtle semantic differences. Thank you for this. And the gazillions of flags and options that are not stable across versions or distributions.

    This is UNIX-hell: parsing's supposed to be a solved problem, but everything is a file is a string, so you spend the whole day tailgrepawking through the dirty mud of your data.
  • 0
    @2lazy2debug Ended up with this. - Only that I had to write mkpasswd myself.
  • 0
    @2lazy2debug but wasted half a day weighing in different options, optimizing the C-code....
  • 0
    @2lazy2debug Then your user name is not so real, or do you prefer refactoring, beautifying code over debugging (like me(-;)?
Add Comment