Set <password>from shell to image file</password>
-
Hello guys :)
-
core team : Thank you for the job. I'm planning to make donations, really. Question of time.
users : Make donations if you use it for your job ! :) -
poor english: that makes sense, i'm french, scuse me ( not to be french… :@) ) ( I've heard about some froggy ones lost here too, salut les mecs )
-
My Problem :
I'm in a study case, until more. Then you'll be rich. 8)
I would like to set the password tag in config.xml ( <pfsense><system><password>) from the command line in a external location ( working on the embedded image file ). I know about mdconfig/mounting the conf, cat/sed and others stuff to process the write, but don't know how to change the password without launch pfsense.
Is there a way to do it ?
I'm working on this idea :
/etc/inc/pfsense-utils.inc is showing me the sync_webgui_passwords function:
First it writes /var/run/htpasswd, then sync with the local user system.I think these commands ( from the code ) could be done via an external location :
php : crypt : What is the encryption system ? DES/MD5 ? i did not fully understand the php.net manual page, may i don't have to know for my purpose, if so, no matters .
sh : /usr/sbin/pwd_mkdb -d /etc -p /etc/master.passwd : Ok i just don't understand that, :-\ , but man says it could be done on other location ( -d ) .
sh : /usr/sbin/pwd_mkdb -p /etc/master.passwd : Same.sh : /usr/sbin/pw usermod -n root -H 0 : Could be done with the -V flags in a external location.
sh : /usr/sbin/pw usermod -n admin -H 0 : Same.What do you think of doing ( i'll do ), a bash script ( perhaps with php commands for the crypt function ) to change the root and admin password ? Am i on a wrong way ?
Thank you for the read.</password></system></pfsense>
-
-
It's Ok.
I will publish the answer in few minutes…
or hour, i've got trouble with " and ' with sed
-
In fact, there were no reason to change anything else than the hash in the config.xml …
Comments are WELCOME. :)./script_to_change_passwd.sh pfSense-1.0.1-Embedded.img
** Changing pfSense-1.0.1-Embedded.img password !
** Default hash password : $1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.
Enter new password :
jgjhg
** Hash of the new password : $1$UTy1VPBC$72d69mEhlGnPlYB2YMkgB.
** Creating the device entry ( /dev/md<> ) …
** Image file device: md0
<password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password>
** Change has been made. Congratulations ! :-)
** Removing temporary directory
** All done.Here is the code :
#!/bin/sh
This script has been made to change the root/admin password without launch pfsense
usage : ./script
then you will be asked for the password
DEFAULT_HASH='$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.'
IMGFILE="$1"
WORKDIR=pwd
fonction_error_occurs() {
cat << EOFError : Default Hash Password ( pfsense ) Not found …
You should :
- Download the lastest image file from www.pfsense.com
- gunzip
- mdconfig -a -t vnode -f
- mkdir tempdir
- mount /dev/md <number>tempdir
- Have a look to tempdir/conf/config.xml to retrieve default password
- Write it into this script at line 5
- Advertise other users ( pfsense forum or whatever you want )
EOF
echo "** Now safely stoping ..."
umount $WORKDIR/d
rm -rf $WORKDIR/d
mdconfig -d -u ${MD}
echo "** Done"
exit 1
}echo "** Changing $IMGFILE password !"
echo "** Default hash password : $DEFAULT_HASH"
echo "Enter new password :"
read PWD
HASH=$(php -r "echo(crypt('$PWD'));")echo "** Hash of the new password : $HASH"
echo "** Creating the device entry ( /dev/md<> ) ..."
MD=mdconfig -a -t vnode -f $WORKDIR/$IMGFILE
echo "** Image file device: $MD"mkdir $WORKDIR/d
mount /dev/${MD}d $WORKDIR/dgrep $DEFAULT_HASH $WORKDIR/d/conf/config.xml || fonction_error_occurs
cd $WORKDIR/d/conf/
cat config.xml | sed s/'$DEFAULT_HASH'/'$HASH'/ > config.xml.2
mv config.xml.2 config.xml
chmod 640 config.xml
echo "** Change has been made. Congratulations ! :-) "echo "** Removing temporary directory"
cd $WORKDIR
umount $WORKDIR/d
rm -rf $WORKDIR/d
mdconfig -d -u ${MD}echo "** All done. "</number>