Bug 18919 - useradd does not encrypt the password when adding a user with the -p option.
Summary: useradd does not encrypt the password when adding a user with the -p option.
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: shadow-utils (Show other bugs)
(Show other bugs)
Version: 7.0
Hardware: i386 Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Dale Lovelace
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-10-11 21:46 UTC by moonpie
Modified: 2007-04-18 16:29 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-10-11 21:46:47 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description moonpie 2000-10-11 21:46:43 UTC
useradd has the -p option, that lets you specify a password to be assigned
to a new user instead of having to do this as an extra step.  Although I
think this is bad practice in general, putting plaintext passwords on the
command line, it doesn't work in a big way.

i.e.
useradd bob -p bobspassword

this puts "bobspassword" in /etc/shadow instead of calling crypt, or some
other encryption function.

Comment 1 Dale Lovelace 2000-10-12 13:07:31 UTC
This is the correct behaviour for the -p option to useradd. You must encrypt the
passwd yourself. From the useradd man page:

       -p passwd
              The  encrypted  password,  as returned by crypt(3).
              The default is to disable the account.



Note You need to log in before you can comment on or make changes to this bug.