(From a novice’s point of view)
The other day I was thinking about how a typical “passwd” command works in a LINUX OS. For example, when we type in “passwd”, a prompt appears letting us type in our password, and then it saves that password wrapping up with cryptographic algorithms and then saves in /etc/shadow. So I came with a “Password/login emulation” of my own. Initially it saves the username along with their password in a file named mango.txt in the form of “username::password”, and next time the same user tries to log in, it asks for the username and password. So I came up with these two scripts.
Script 1: Prompts for a user-name and a password and saves it in a file a called mango.txt.
# Title: username.sh #!/bin/bash # What I'm planning to do here is that, #create a username script which allows a #user to add themselves by puting in #their #names # and their password at the time of #login, it will save itself to a file #with #the username and password. # If username already exists, tells the #user that a user with the same name #exits, else add the new user. # along with a password. The password is # saved in a md5 hash form. exec 2>/dev/null touch mango.txt echo -n "Enter username: " read usame if [ "$usame" == "" ]; then echo -e "Username can not be blank\n" ./username.sh else grep -q $usame mango.txt if [ "$?" == 0 ]; then echo -e "A username with the same name already exists\n" ./username.sh else echo -n "Password: " read -s -p "Password: " passwd while true; do if [ "$passwd" == "" ]; then echo -e "Password can not be blank\n" else echo $usame::$(echo $passwd | md5sum) >> mango.txt echo -e "\nUser $usame added\n" break fi done fi fi
Script 2: If this could be added in “bash.bashrc”, then it would run at each terminal startup, and ask for the username and password. If username and password chinkies with that in mango.txt, then it lets the user login, else terminal exits (; Plain passwords are compared in like md5sum form with the mango.txt file passwords.
#Title: login.sh # A simple login bash script #trap interrupts your keyboard if you #press ctrl+z or ctrl+c trap '' INT TSTP read -p "Enter username: " usname grep -q $usname mango.txt if [ "$?" -gt 0 ]; then echo "Username not found" sleep 1 pkill -9 bash #That's a bit too much I guess, but oh well else read -s -p "Password: " password if [ "$password" == "" ]; then echo "Password can not be blank" ./login.sh else #saves the password in md5sum format in tmp.txt echo $password | md5sum > tmp.txt tmp="$(cat tmp.txt)" #if the md5 hashes match, then allow login saying yo cat mango.txt | grep -q $usname::$tmp if [ "$?" == 0 ]; then echo -e "\nyo" #else print login failed else echo -e "\nLogin failed" sleep 1 pkill -9 bash fi fi fi rm tmp.txt # Deletes the tmp file afterwards
I’m pretty sure it’s nowhere near how that exactly works in a LINUX system(not to mention the cryptographies like ccrypt and scrypt and different salting mechanisms), but it’s as best as I could come up with..perhaps a little nudge to the right direction as to how that actually works would be great from the experts. (: