Good morning/afternoon,
is there some way (C-function, library…) in QNX4+Photon how to authenticate system passwords (which are encrypted, we cannot read them from somewhere for comparison=verification) required to enter by qualified operator at some operations in our application (editing critical parameters, manipulating critical devices…)?
Thank you.
I believe that the function you are looking for is called crypt().
Maybe, but there is no crypt() function for QNX4, only for QNX6.
Is there anybody out there who knows where to find that function for QNX4?
Not only does there seem to be a crypt() function for QNX4, it is notorius:
Where we can find “Watcom C 10.6 Security patch” (which contains the latest version of unix3s.lib)?
Are we looking for:
unix3s.lib 97280 17Jun2000?
Is it unix3s.lib which contains crypt() function?
Several people say that even after installing “Watcom C 10.6 Security patch” no unix3s.lib is installed…
In usr/include/(anything).h there is no reference for crypt() function.
Update:
We tried to install QNX Suite 2000 “Watcom Security Update” and two libraries don’t appear in usr/lib:
I looked in the directory:
/usr/watcom/10.6/usr/lib and found the following:
I’m not sure what the *.qcrypt files have to do with anything.
-rw-rw-r-- 1 root root 101376 Jun 15 2000 unix3r.lib
-rw-rw-r-- 1 root root 89600 Nov 23 1997 unix3r.lib.qcrypt
-rw-r–r-- 1 root root 97280 Jun 15 2000 unix3s.lib
-rw-r–r-- 1 root root 88064 Dec 16 1996 unix3s.lib.qcrypt
-rw-r–r-- 1 root root 100352 Apr 25 2000 unixc.lib
-rw-r–r-- 1 root root 128000 Dec 16 1996 unixc.lib.qcrypt
-rw-rw-r-- 1 root root 191488 Jun 15 2000 unixg3r.lib
-rw-r–r-- 1 root root 105472 Apr 25 2000 unixh.lib
-rw-r–r-- 1 root root 133632 Dec 16 1996 unixh.lib.qcrypt
-rw-r–r-- 1 root root 100352 Apr 25 2000 unixl.lib
-rw-r–r-- 1 root root 129024 Dec 16 1996 unixl.lib.qcrypt
-rw-r–r-- 1 root root 95744 Apr 25 2000 unixm.lib
-rw-r–r-- 1 root root 124416 Dec 16 1996 unixm.lib.qcrypt
-rw-r–r-- 1 root root 94208 Apr 25 2000 unixs.lib
-rw-r–r-- 1 root root 122880 Dec 16 1996 unixs.lib.qcrypt
Thank you, we were looking always in /usr/lib instead of /usr/watcom/10.6/usr/lib.
Do we need to copy/install some libraries from /usr/watcom/10.6/usr/lib to root/usr/lib before we use (functions of)them?
We will make another attempts…
I don’t know. I would not think so. There is probably (or should be) a soft link to /usr/watcom/10.6/usr/lib from /usr/lib.
Thank you very much maschoen. Our developer already found, tried and understood (how to use it) the crypt() function for authentication of system USER/PASSWORD inside our application.
Hi,
I am trying to use crypt() function in my application code to create a new user and add entries in passwd/opasswd/shadow/oshadow files. I am getting 13 character output from crypt() function and adding the same in shadow file but still unable to login with my new user.
Is there is anything i am missing. If i am using passwd utility it is working well.
Below is default look of shadow file with only root as user
root:T4QIvurux5uOI:1195089751:0:0
root–> Username
T4QIvurux5uOI → 13 character encrypted password
1195089751:0:0 → ?
What is the meaning of this 10 digit number and 0 ?
You might want to check out this hacker article on the QNX oshadow file.
moar.so/blog/qnx-password-hash-formats.html
Entries in the shadowed password file are first delimited by : and split into the following sections:
username – user account name
@S,100@386d…truncated…da5d@129b6761 – printable hash string (varies depending on the hash function used)
1448613322 – Unix epoch timestamp of when the password was set
0 – unknown
0 – unknown
The guess is those last 2 values are related to locking out user accounts.
The problem appears to be you need to run the crypt call many times. The doc’s say 1000 times using SHA-512 with a salt of 16 bytes:
qnx.com/developers/docs/660/ … asswd.html
Tim