* GNATS password management
@ 2001-06-26 10:51 Yngve Svendsen
2001-06-27 14:45 ` Milan Zamazal
0 siblings, 1 reply; 6+ messages in thread
From: Yngve Svendsen @ 2001-06-26 10:51 UTC (permalink / raw)
To: Milan Zamazal; +Cc: gnats-devel
Below is an outline of the two password-management tools I'd like to see
implemented for GNATS 4. gnats-pwconv is intended for upgraders from
version 3 to version 4, while gnats-pw partially mimics the functionality
of Apache's htpasswd tool.
What do you all think?
Yngve Svendsen
gnats-pwconv
gnats-pwconv [-mp] infile outfile
gnats-pwconv -n[mp] infile
Converts the plaintext passwords in the GNATS 3 password file infile and
writes the resulting complete version 4 password file to outfile.
Infile=outfile should be disallowed.
-m, --md5 Use MD5 encryption, i.e. convert passwords to MD5 and add $1$ prefix
-n, --nocreate Don't create file; display results on stdout.
-d, --crypt Force CRYPT encryption of the passwords (default).
-p, --plaintext Do not encrypt the passwords (plaintext). Prefixes existing
passwords with $0$
-t, --test Tests which encryption methods are supported by the system
-h --help
-V --version
gnats-pw
gnats-pw [-cmdps] passwordfile username accesslevel
gnats-pw -n[mdps] username accesslevel
Prompts for a password (twice), then inserts or edits the corresponding
entry in the specified passwordfile. If the -n option is given, the
resulting passwordfile entry is written to stdout instead.
-c, --create Create a new file.
-n, --noupdate Don't update file; display results on stdout.
-m, --md5 Force MD5 encryption of the password, i.e. convert the password
to MD5 and add $1$ prefix
-d, --crypt Force CRYPT encryption of the password (default).
-p, --plaintext Do not encrypt the password (plaintext). Prefixes the
entered password with $0$
-h, --help
-V, --version
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: GNATS password management
2001-06-26 10:51 GNATS password management Yngve Svendsen
@ 2001-06-27 14:45 ` Milan Zamazal
2001-06-27 14:52 ` Yngve Svendsen
0 siblings, 1 reply; 6+ messages in thread
From: Milan Zamazal @ 2001-06-27 14:45 UTC (permalink / raw)
To: Yngve Svendsen; +Cc: gnats-devel
>>>>> "YS" == Yngve Svendsen <yngve.svendsen@clustra.com> writes:
YS> Below is an outline of the two password-management tools I'd
YS> like to see implemented for GNATS 4.
Thanks.
YS> gnats-pwconv
YS> gnats-pwconv [-mp] infile outfile
YS> gnats-pwconv -n[mp] infile
[...]
YS> -n, --nocreate Don't create file; display results on stdout.
This option looks useless to me here.
YS> gnats-pw
YS> gnats-pw [-cmdps] passwordfile username accesslevel
YS> gnats-pw -n[mdps] username accesslevel
I'd call it `gnats-passwd'.
I'm not sure I like specifying `passwordfile' this way (I know htpasswd
does it so). I'd prefer having an `-f / --file' option instead, thus
making the argument optional, possibly combined with `-d / --database'
for specifying a particular database. I think it's easier to handle for
GNATS admins -- they don't have to think about the exact names and
locations of the access files.
Using `-d' for database would cause a collision with:
YS> -d, --crypt Force CRYPT encryption of the password (default).
but maybe someone can find a better single letter for the --crypt
option.
Regards,
Milan Zamazal
--
I think any law that restricts independent use of brainpower is suspect.
-- Kent Pitman in comp.lang.lisp
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: GNATS password management
2001-06-27 14:45 ` Milan Zamazal
@ 2001-06-27 14:52 ` Yngve Svendsen
2001-06-29 1:45 ` Milan Zamazal
0 siblings, 1 reply; 6+ messages in thread
From: Yngve Svendsen @ 2001-06-27 14:52 UTC (permalink / raw)
To: Milan Zamazal; +Cc: gnats-devel
At 23:36 27.06.2001 +0200, Milan Zamazal wrote:
> YS> -n, --nocreate Don't create file; display results on stdout.
>
>This option looks useless to me here.
The rationale for this option is that people might then use it in more
general contexts when they need to calculate an MD5 hash of a password for
use in other applications than GNATS.
> YS> gnats-pw
> YS> gnats-pw [-cmdps] passwordfile username accesslevel
> YS> gnats-pw -n[mdps] username accesslevel
>
>I'd call it `gnats-passwd'.
Yes, if that isn't too long?
>I'm not sure I like specifying `passwordfile' this way (I know htpasswd
>does it so). I'd prefer having an `-f / --file' option instead, thus
>making the argument optional, possibly combined with `-d / --database'
>for specifying a particular database. I think it's easier to handle for
>GNATS admins -- they don't have to think about the exact names and
>locations of the access files.
Yes, that would probably be the best way to do it.
>Using `-d' for database would cause a collision with:
>
> YS> -d, --crypt Force CRYPT encryption of the password (default).
>
>but maybe someone can find a better single letter for the --crypt
>option.
We could use -C, --create for "create new file", and -c, --crypt for "force
DES encryption".
- Yngve
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: GNATS password management
2001-06-27 14:52 ` Yngve Svendsen
@ 2001-06-29 1:45 ` Milan Zamazal
2001-06-29 1:48 ` Yngve Svendsen
0 siblings, 1 reply; 6+ messages in thread
From: Milan Zamazal @ 2001-06-29 1:45 UTC (permalink / raw)
To: Yngve Svendsen; +Cc: gnats-devel
>>>>> "YS" == Yngve Svendsen <yngve.svendsen@clustra.com> writes:
YS> At 23:36 27.06.2001 +0200, Milan Zamazal wrote:
YS> -n, --nocreate Don't create file; display results on stdout.
>> This option looks useless to me here.
YS> The rationale for this option is that people might then use it
YS> in more general contexts when they need to calculate an MD5 hash
YS> of a password for use in other applications than GNATS.
But it's implied (unlike in the case of gnats-passwd) by omitting the
output file on the command line.
>> I'd call it `gnats-passwd'.
YS> Yes, if that isn't too long?
It's not, with modern shell features like completion and aliases
intelligibility is preferred.
YS> We could use -C, --create for "create new file", and -c, --crypt
YS> for "force DES encryption".
That looks well to me.
Regards,
Milan Zamazal
--
Free software is about freedom, not about free beer. If you care only about
the latter, you'll end up with no freedom and no free beer.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: GNATS password management
2001-06-29 1:45 ` Milan Zamazal
@ 2001-06-29 1:48 ` Yngve Svendsen
2001-06-30 11:27 ` Milan Zamazal
0 siblings, 1 reply; 6+ messages in thread
From: Yngve Svendsen @ 2001-06-29 1:48 UTC (permalink / raw)
To: Milan Zamazal; +Cc: gnats-devel
At 10:33 29.06.2001 +0200, Milan Zamazal wrote:
> >>>>> "YS" == Yngve Svendsen <yngve.svendsen@clustra.com> writes:
>
> YS> At 23:36 27.06.2001 +0200, Milan Zamazal wrote:
> YS> -n, --nocreate Don't create file; display results on stdout.
>
>But it's implied (unlike in the case of gnats-passwd) by omitting the
>output file on the command line.
>
> >> I'd call it `gnats-passwd'.
>
> YS> Yes, if that isn't too long?
>
>It's not, with modern shell features like completion and aliases
>intelligibility is preferred.
OK. I think we agree, then? No -n option, and `gnats-passwd' it is.
- Yngve
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: GNATS password management
2001-06-29 1:48 ` Yngve Svendsen
@ 2001-06-30 11:27 ` Milan Zamazal
0 siblings, 0 replies; 6+ messages in thread
From: Milan Zamazal @ 2001-06-30 11:27 UTC (permalink / raw)
To: Yngve Svendsen; +Cc: gnats-devel
>>>>> "YS" == Yngve Svendsen <yngve.svendsen@clustra.com> writes:
YS> OK. I think we agree, then? No -n option, and `gnats-passwd' it
YS> is.
OK.
I'll try to write the program unless anyone else volunteers.
Regards,
Milan Zamazal
--
When you're in a fight with an idiot, it's difficult for other people to tell
which one the idiot is. -- Bruce Perens in debian-devel
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2001-06-30 11:27 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2001-06-26 10:51 GNATS password management Yngve Svendsen
2001-06-27 14:45 ` Milan Zamazal
2001-06-27 14:52 ` Yngve Svendsen
2001-06-29 1:45 ` Milan Zamazal
2001-06-29 1:48 ` Yngve Svendsen
2001-06-30 11:27 ` Milan Zamazal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).