aboutsummaryrefslogtreecommitdiff
path: root/tools/pwcheck
blob: 85cd6c39af9243e51f6d2277942f1e554c565a8e (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

#!/bin/bash

# Get the current user's username
USER=""
PW=""

if [[ $# -lt 2 ]]
then
    echo "Usage: pwcheck [username] [password]"
    exit 1
fi

PW_HASH=""
USER="$1"
PW="$2"

# Get the hashed password from /etc/shadow for the current user
SHADOW_ENTRY=$(sudo grep "^$USER:" /etc/shadow)

if [ -z "$SHADOW_ENTRY" ]; then
    echo "User not found in /etc/shadow"
    exit 1
fi

HASHED_PW=$(echo "$SHADOW_ENTRY" | cut -d':' -f2)
SALT=$(echo "$HASHED_PW" | cut -d'$' -f3)
ALGORITHM=$(echo "$HASHED_PW" | cut -d'$' -f2)

# Yescrypt
if [[ $ALGORITHM == "y" ]]
then
	HASHED_PW=$(echo "$SHADOW_ENTRY" | cut -d':' -f2)
	SALT=$(echo "$HASHED_PW" | cut -d'$' -f4)
	PW_HASH=$(mkpasswd "$PW" "\$y\$j9T\$$SALT")
else
	PW_HASH=$(echo "$PW" | openssl passwd -stdin -"$ALGORITHM" -salt "$SALT")
fi

if [ "$PW_HASH" == "$HASHED_PW" ]; then
    exit 0
else
    exit 1
fi
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-04 11:25:28 +0000