thomas
/
sovereign
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Add instructions for making crypt salted hashes using Python and passlib 

Quotes removed around salts and hashes in existing examples because, AFAIK,
base64-encoded strings contain no characters which must be escaped in YAML (the
following are not in base64: '!', ':', '|', '>').

Closes #293
Allen Riddell 10 years ago
parent
befde9f660
commit
ebc0e6361d
1 changed files with 11 additions and 3 deletions
Unified View Show Diff Stats
  1. 11
    3
      README.textile

+ 11
- 3
README.textile View File

141
141
142 
 Remove @{SHA512-CRYPT}@ and insert the rest as the @password_hash@ value.
 142 
 Remove @{SHA512-CRYPT}@ and insert the rest as the @password_hash@ value.
143
143
144 
-Alternatively, if you don't already have @doveadm@ installed, Python 3.3 or higher will generate the appropriate string for you on Unix-based platforms (assuming your password is @password@):
144 
+Alternatively, if you don't already have @doveadm@ installed, Python 3.3 or higher on Linux will generate the appropriate string for you (assuming your password is @password@):
145
145
146 
 bc. python3 -c 'import crypt; print(crypt.crypt("password", salt=crypt.METHOD_SHA512))'
 146 
 bc. python3 -c 'import crypt; print(crypt.crypt("password", salt=crypt.METHOD_SHA512))'
147
147
148 
+On OS X and other platforms the "passlib":https://pythonhosted.org/passlib/ package may be used to generate the required string:
149 
+
150 
+bc. python -c 'import passlib.hash; print(passlib.hash.sha512_crypt.encrypt("password", rounds=5000))'
151 
+
148 
 Same for the IRC password hash...
 152 
 Same for the IRC password hash...
149
153
150 
 bc. # znc --makepass
 154 
 bc. # znc --makepass
162
166
163 
 Take the strings after @Hash =@ and @Salt =@ and insert them as the value for @irc_password_hash@ and @irc_password_salt@ respectively.
 167 
 Take the strings after @Hash =@ and @Salt =@ and insert them as the value for @irc_password_hash@ and @irc_password_salt@ respectively.
164
168
165 
-Alternatively, if you don't already have @znc@ installed, Python 3.3 or higher will generate the appropriate string for you on Unix-based platforms (assuming your password is @password@):
169 
+Alternatively, if you don't already have @znc@ installed, Python 3.3 or higher on Linux will generate the appropriate string for you (assuming your password is @password@):
170 
+
171 
+bc. python3 -c 'import crypt; print("irc_password_salt: {}\nirc_password_hash: {}".format(*crypt.crypt("password", salt=crypt.METHOD_SHA256).split("$")[2:]))'
172 
+
173 
+On OS X and other platforms the passlib:https://pythonhosted.org/passlib/ package may be used to generate the required string:
166
174
167 
-bc. python3 -c 'import crypt; print("irc_password_salt: \"{}\"\nirc_password_hash: \"{}\"".format(*crypt.crypt("password", salt=crypt.METHOD_SHA256).split("$")[2:]))'
175 
+bc. python -c 'import passlib.hash; print("irc_password_salt: {}\nirc_password_hash: {}".format(*passlib.hash.sha256_crypt.encrypt("password", rounds=5000).split("$")[2:]))'
168
176
169 
 For git hosting, copy your public key into place. @cp ~/.ssh/id_rsa.pub roles/git/files/gitolite.pub@ or similar.
 177 
 For git hosting, copy your public key into place. @cp ~/.ssh/id_rsa.pub roles/git/files/gitolite.pub@ or similar.
170
178

Write Preview
Loading…
Cancel
Save