I'm doing a project named Webmail (with Linux/Perl as backend). When a user registers on our site by giving a username...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
and password, his password is encrypted and stored in the shadow password file (/etc/shadow). I want to check the password entered by a user with this shadow password file where his password is encrypted through my program. Can you tell me how I can do this?
The routines you need are in
I think the main routine you want is getspent(). This gets the shadow password entry and lets you compare things as you desire. Read through that man page -- it includes the data structures in all their gory detail.
For more information on this topic, visit these other SearchSecurity resources:
Best Web Links: Passwords/Authentication
Ask the Expert: What is password shadowing?
Best Web Links: Securing Linux
Dig Deeper on Security Resources
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.