Linux authentification check?

[Roman Hausner]

Is there a library or some other way to simply check whether a
user/password combination is valid for the Linux machine I am
running on? No need to actually switch the current user, change
the effective group or user id etc. All I want is to make sure that
the username exists and that the password is valid for that user.
(I want to allow only those users to use a certain service running
within a restricted server that have a userid defined on that machine)

 

[Jon Lim]

ruby-pam might be what you're looking for.

Is there a library or some other way to simply check whether a
user/password combination is valid for the Linux machine I am
running on? No need to actually switch the current user, change
the effective group or user id etc. All I want is to make sure that
the username exists and that the password is valid for that user.
(I want to allow only those users to use a certain service running
within a restricted server that have a userid defined on that machine)

 

[Roman Hausner]

ruby-pam might be what you're looking for.

It seems this needs the system PAM libraries to be installed.
I am not really intending to switch the authentification methods of
the linux box or anything, I just want ruby to use the existing
authentification method to check for a valid username/password.

Maybe I am missing something, but I was expecting something like
boolean = validate(username,password)
and be done with it

 

[Wilson Bilkovich]

It seems this needs the system PAM libraries to be installed.
I am not really intending to switch the authentification methods of
the linux box or anything, I just want ruby to use the existing
authentification method to check for a valid username/password.

Maybe I am missing something, but I was expecting something like
boolean = validate(username,password)
and be done with it

Are you saying that PAM isn't installed on your Linux box?
If it is, you should use it. /etc/passwd is definitely not the last
word in login authentication. Be careful about your assumptions, or
else the guy with the smartcard won't be able to use your Ruby
program.

 

[Roman Hausner]

Are you saying that PAM isn't installed on your Linux box?
If it is, you should use it. /etc/passwd is definitely not the last
word in login authentication. Be careful about your assumptions, or
else the guy with the smartcard won't be able to use your Ruby
program.

The linux machine is not under my control. I am just the one who writes
that server program.

As it turns out, it already would be sufficient if I could do the same
that the "crypt" function achieves under perl.
Perl does have this as part of the core language -- how can I access
this function in ruby?

 

[Joel VanderWerf]

As it turns out, it already would be sufficient if I could do the same
that the "crypt" function achieves under perl.
Perl does have this as part of the core language -- how can I access
this function in ruby?

$ ri String#crypt | cat
----------------------------------------------------------- String#crypt
str.crypt(other_str) => new_str

 

[Gabriele Marrone]

Il giorno 07/nov/06, alle ore 23:40, Roman Hausner ha scritto:

As it turns out, it already would be sufficient if I could do the same
that the "crypt" function achieves under perl.
Perl does have this as part of the core language -- how can I access
this function in ruby?

Ruby does too, as a String method:

----------------------------------------------------------- String#crypt
str.crypt(other_str) => new_str

 

[Roman Hausner]

Il giorno 07/nov/06, alle ore 23:40, Roman Hausner ha scritto:


Ruby does too, as a String method:

----------------------------------------------------------- String#crypt
str.crypt(other_str) => new_str

Thanks!
I was looking in all the wrong places -- wow that you say it, it seems
natural to have it as a String method

 

[snacktime]

The linux machine is not under my control. I am just the one who writes

that server program.

As it turns out, it already would be sufficient if I could do the same
that the "crypt" function achieves under perl.

Only if your server runs as root though, and only if the linux server
uses the password file for authentication.