unit testing automated password assignment

[Aryeh Friedman]

I have a script that automatically creates a user and sets their password:

echo $3 | sudo pw useradd $1 -m -c "$2" -s tcsh -h0

and by my employer's policy I need to unit test... my question is
how... the checking for user existence and such is easy but how do I
test that the password is correct?
_______________________________________________
freebsd...@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hacke...@freebsd.org"

[Boris Kochergin]

Have a look at http://cr.yp.to/checkpwd.html. A FreeBSD port is
available in security/checkpassword.

-Boris

[Lars Engels]

Quoting Boris Kochergin <sp...@acm.poly.edu>:

> Aryeh Friedman wrote:
>> I have a script that automatically creates a user and sets their password:
>>
>> echo $3 | sudo pw useradd $1 -m -c "$2" -s tcsh -h0
>>
>> and by my employer's policy I need to unit test... my question is
>> how... the checking for user existence and such is easy but how do I
>> test that the password is correct?

And if you want to enforce strong passwords, take a look at pam_passwdqc(8).

--
Lars Engels
E-Mail: lars....@0x20.net

[Dag-Erling Smørgrav]

Lars Engels <lars....@0x20.net> writes:
> And if you want to enforce strong passwords, take a look at pam_passwdqc(8).

Or don't, it's waaay out of date. I should import a newer version, just
never got around to it. Patches are welcome.

DES
--
Dag-Erling Smørgrav - d...@des.no

[Lars Engels]

Quoting Dag-Erling Smørgrav <d...@des.no>:

> Lars Engels <lars....@0x20.net> writes:
>> And if you want to enforce strong passwords, take a look at pam_passwdqc(8).
>
> Or don't, it's waaay out of date. I should import a newer version, just
> never got around to it. Patches are welcome.

Yes, today I was looking for the sources to use on Solaris and I saw
that there was some activity in during the last months.

OTOH the module in our base is still working. I successfully it last week.