You are not logged in.

#1 2014-09-26 15:32:16

freaxtux
Member
Registered: 2012-07-17
Posts: 26

automatic new user submission with ssh?

Hi. I'm trying to make a some kind of NAS with Raspberry Pi, via SFTP.
The problem is that my friends don't know a thing about Linux, and they aren't going to show me their password.
A solution came up to me was that they use putty to login with guest account, and fill in some kind of submission form presented by bashrc.
but how could I make a guest user to add new user?
granting root permission would be too dangerous, and saving their password in plaintext is not what I want to do.(even if they are protected by special permission)

Maybe the passwords could be encrypted on-the-fly, so that I could paste the string into /etc/gshadow later on?

or are there some better way to solve it?

Last edited by freaxtux (2014-09-26 15:32:28)

Offline

#2 2014-09-26 16:09:50

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 15,188

Re: automatic new user submission with ssh?

This is a perfect case for using public key cryptography.  And it is intrinsic to sftp.

Be sure you read both this article on SSH keys and this more general article on ssh


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
----
How to Ask Questions the Smart Way

Offline

#3 2014-09-26 16:40:30

lucke
Member
From: Poland
Registered: 2004-11-30
Posts: 4,018

Re: automatic new user submission with ssh?

Set up accounts with the names they want, set and give them temporary passwords, make them log in via putty and change their passwords with "passwd".

Offline

#4 2014-09-26 20:04:26

teateawhy
Member
From: GER
Registered: 2012-03-05
Posts: 1,120
Website

Re: automatic new user submission with ssh?

freaxtux wrote:

.. they aren't going to show me their password.

Whats the point about this? The password itself is not really valuable. The data is already known to you. Are they only able to remember one single password and use that for all services? If so, the solution is to make them use a unique password for your service.

Offline

#5 2014-09-27 01:23:07

freaxtux
Member
Registered: 2012-07-17
Posts: 26

Re: automatic new user submission with ssh?

teateawhy wrote:
freaxtux wrote:

.. they aren't going to show me their password.

Whats the point about this? The password itself is not really valuable. The data is already known to you. Are they only able to remember one single password and use that for all services? If so, the solution is to make them use a unique password for your service.

I know it's stupid, but it's hard to persuade them. You know,  there are still whole lot of people out there using "password" as their password...
Furthermore, I was planning to make each of them an encrypted folder with ecryptfs.

I found a solution.

openssl passwd -1 -salt xyz  yourpass

this command generates an encrypted string which can be directly pasted into /etc/shadow.

Thanks for all of you for your answers! All three of them gave me a new perspective to solve a problem.

Offline

Board footer

Powered by FluxBB