You are not logged in.
- Topics: Active | Unanswered
#1 2014-09-26 15:32:16
- freaxtux
- Member
- Registered: 2012-07-17
- Posts: 37
automatic new user submission with ssh?
Hi. I'm trying to make a some kind of NAS with Raspberry Pi, via SFTP.
The problem is that my friends don't know a thing about Linux, and they aren't going to show me their password.
A solution came up to me was that they use putty to login with guest account, and fill in some kind of submission form presented by bashrc.
but how could I make a guest user to add new user?
granting root permission would be too dangerous, and saving their password in plaintext is not what I want to do.(even if they are protected by special permission)
Maybe the passwords could be encrypted on-the-fly, so that I could paste the string into /etc/gshadow later on?
or are there some better way to solve it?
Last edited by freaxtux (2014-09-26 15:32:28)
Offline
#2 2014-09-26 16:09:50
- ewaller
- Administrator
- From: Pasadena, CA
- Registered: 2009-07-13
- Posts: 19,772
Re: automatic new user submission with ssh?
This is a perfect case for using public key cryptography. And it is intrinsic to sftp.
Be sure you read both this article on SSH keys and this more general article on ssh
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
#3 2014-09-26 16:40:30
- lucke
- Member
- From: Poland
- Registered: 2004-11-30
- Posts: 4,018
Re: automatic new user submission with ssh?
Set up accounts with the names they want, set and give them temporary passwords, make them log in via putty and change their passwords with "passwd".
Offline
#4 2014-09-26 20:04:26
- teateawhy
- Member
- From: GER
- Registered: 2012-03-05
- Posts: 1,138
- Website
Re: automatic new user submission with ssh?
.. they aren't going to show me their password.
Whats the point about this? The password itself is not really valuable. The data is already known to you. Are they only able to remember one single password and use that for all services? If so, the solution is to make them use a unique password for your service.
Offline
#5 2014-09-27 01:23:07
- freaxtux
- Member
- Registered: 2012-07-17
- Posts: 37
Re: automatic new user submission with ssh?
freaxtux wrote:.. they aren't going to show me their password.
Whats the point about this? The password itself is not really valuable. The data is already known to you. Are they only able to remember one single password and use that for all services? If so, the solution is to make them use a unique password for your service.
I know it's stupid, but it's hard to persuade them. You know, there are still whole lot of people out there using "password" as their password...
Furthermore, I was planning to make each of them an encrypted folder with ecryptfs.
I found a solution.
openssl passwd -1 -salt xyz yourpassthis command generates an encrypted string which can be directly pasted into /etc/shadow.
Thanks for all of you for your answers! All three of them gave me a new perspective to solve a problem.
Offline