Im authenticating (system) users by making PAM use a MySQL database.
This
means Unix passwords are stored as MD5 crypted strings.
I can use “openssl passwd -1” on the command-line to generate
passwords
and set them in the database - this works just fine.
Ruby has a crypt method in the String class that does the same thing:
indeed, using str.crypt("$1$") generates a crypted string that also
works
when inserted into the MySQL database.
Both strings look completely different but both work just fine when
using
PAM authentication.
Now Im writing a web-based control panel using Rails and come up
against the problem with the MD5 crypted strings being completely
different. I can’t test for equality since crypt and openssl both
generate
different strings. I already have users using this database so
switching
everyone’s password is not an option.
So what’s the best way to emulate “openssl passwd -1” for crypting
passwords in Ruby?