All of lore.kernel.org
 help / color / mirror / Atom feed
* Useradd: crypted passwords longer than 8 characters
@ 2019-10-21 15:25 Lukasz Zemla
  2019-10-21 16:15 ` Mark Hatle
  0 siblings, 1 reply; 3+ messages in thread
From: Lukasz Zemla @ 2019-10-21 15:25 UTC (permalink / raw)
  To: yocto

What is the best way in Yocto (warrior) to add crypted password to /etc/shadow during buildtime?

Using useradd.bbclass in a standard way we may add only passwords <= 8 characters.
"-p" parameterr followed by the output of "openssl passwd -crypt pAsswOrd" works fine.

I thought that class may be cheated by providing after "-p" string returned by "openssl passwd -6 verylongpAsswOrd", but it does not work: the password in /etc/shadow file is truncated:

myuser:/D163GofCVEpMgZ.w2Ro3Z.b5S8XT1:18190:0:99999:7:::

Any suggestions?

Thank you in advance.
Lukasz Zemla

***
The information in this email is confidential and intended solely for the individual or entity to whom it is addressed.  If you have received this email in error please notify the sender by return e-mail, delete this email, and refrain from any disclosure or action based on the information.
***


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: Useradd: crypted passwords longer than 8 characters
  2019-10-21 15:25 Useradd: crypted passwords longer than 8 characters Lukasz Zemla
@ 2019-10-21 16:15 ` Mark Hatle
  2019-10-21 16:56   ` Bryan Evenson
  0 siblings, 1 reply; 3+ messages in thread
From: Mark Hatle @ 2019-10-21 16:15 UTC (permalink / raw)
  To: Lukasz Zemla, yocto

Crypt the password yourself and pass it in to the adduser command.

--Mark

On 10/21/19 10:25 AM, Lukasz Zemla wrote:
> What is the best way in Yocto (warrior) to add crypted password to /etc/shadow during buildtime?
> 
> Using useradd.bbclass in a standard way we may add only passwords <= 8 characters.
> "-p" parameterr followed by the output of "openssl passwd -crypt pAsswOrd" works fine.
> 
> I thought that class may be cheated by providing after "-p" string returned by "openssl passwd -6 verylongpAsswOrd", but it does not work: the password in /etc/shadow file is truncated:
> 
> myuser:/D163GofCVEpMgZ.w2Ro3Z.b5S8XT1:18190:0:99999:7:::
> 
> Any suggestions?
> 
> Thank you in advance.
> Lukasz Zemla
> 
> ***
> The information in this email is confidential and intended solely for the individual or entity to whom it is addressed.  If you have received this email in error please notify the sender by return e-mail, delete this email, and refrain from any disclosure or action based on the information.
> ***
> 


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: Useradd: crypted passwords longer than 8 characters
  2019-10-21 16:15 ` Mark Hatle
@ 2019-10-21 16:56   ` Bryan Evenson
  0 siblings, 0 replies; 3+ messages in thread
From: Bryan Evenson @ 2019-10-21 16:56 UTC (permalink / raw)
  To: Mark Hatle, Lukasz Zemla, yocto

Lukasz,

You can use the the EXTRA_USER_PARAMS variable in your image recipe: https://www.yoctoproject.org/docs/current/mega-manual/mega-manual.html#ref-classes-extrausers.  Both usermod and useradd take a plaintext password with the -P option, but I believe the password is then encrypted prior to being saved in /etc/shadow.  Then you'll need to follow proper precautions to ensure your image recipe stays secret since it'd include the plaintext password.

-Bryan

> -----Original Message-----
> From: yocto-bounces@yoctoproject.org <yocto-bounces@yoctoproject.org>
> On Behalf Of Mark Hatle
> Sent: Monday, October 21, 2019 12:15 PM
> To: Lukasz Zemla <Lukasz.Zemla@woodward.com>; yocto@yoctoproject.org
> Subject: Re: [yocto] Useradd: crypted passwords longer than 8 characters
> 
> Crypt the password yourself and pass it in to the adduser command.
> 
> --Mark
> 
> On 10/21/19 10:25 AM, Lukasz Zemla wrote:
> > What is the best way in Yocto (warrior) to add crypted password to
> /etc/shadow during buildtime?
> >
> > Using useradd.bbclass in a standard way we may add only passwords <= 8
> characters.
> > "-p" parameterr followed by the output of "openssl passwd -crypt
> pAsswOrd" works fine.
> >
> > I thought that class may be cheated by providing after "-p" string returned
> by "openssl passwd -6 verylongpAsswOrd", but it does not work: the
> password in /etc/shadow file is truncated:
> >
> > myuser:/D163GofCVEpMgZ.w2Ro3Z.b5S8XT1:18190:0:99999:7:::
> >
> > Any suggestions?
> >
> > Thank you in advance.
> > Lukasz Zemla
> >
> > ***
> > The information in this email is confidential and intended solely for the
> individual or entity to whom it is addressed.  If you have received this email in
> error please notify the sender by return e-mail, delete this email, and refrain
> from any disclosure or action based on the information.
> > ***
> >
> --
> _______________________________________________
> yocto mailing list
> yocto@yoctoproject.org
> https://lists.yoctoproject.org/listinfo/yocto

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-10-21 16:56 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-21 15:25 Useradd: crypted passwords longer than 8 characters Lukasz Zemla
2019-10-21 16:15 ` Mark Hatle
2019-10-21 16:56   ` Bryan Evenson

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.