[NTLUG:Discuss] Re: Create User Account
Dennis Rice
dearroz at comcast.net
Wed Jan 18 18:42:14 CST 2006
Your point regarding security and the encrypted password being in the
history is absolutely correct. My thoughts were explaining a method,
not being recommended just because it is harder than the two separate
commands.
I agree that you noting about the man page, but it does not return the
encrypted password, at least it does not when you use the command
"useradd username -p 'password' ". It should, but... I have used the
command and saw that it is putting the unencrypted password into the
shadow file, at least in Fedora Core 3.
Dennis
Ken Loafman wrote:
From the man page (your friend):
-p, --password PASSWORD
The encrypted password, as returned by crypt(3)...
mkpasswd is a front-end to crypt(3).
It's not a good idea to use passwords on the command line anyway.
'history' would reveal them, and they are visible in process display
commands, besides being visible when you type them. It's never too
early (grandson or class) to start lessons on computer security.
More information about the Discuss
mailing list