freedomboneeee/src/freedombone-utils-passwords

58 lines
2.0 KiB
Bash
Executable File

#!/bin/bash
#
# .---. . .
# | | |
# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
#
# Freedom in the Cloud
#
# Password functions
#
# License
# =======
#
# Copyright (C) 2014-2016 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# If this file exists it contains a global password used with
# disk image installs. This simplifies password management for
# deployment at scale
IMAGE_PASSWORD_FILE=/root/login.txt
# Minimum number of characters in a password
MINIMUM_PASSWORD_LENGTH=10
# The default password length used in images
DEFAULT_PASSWORD_LENGTH=20
function enforce_good_passwords {
# because humans are generally bad at choosing passwords
if [[ $(is_completed $FUNCNAME) == "1" ]]; then
return
fi
apt-get -yq install libpam-cracklib
sed -i 's/password.*requisite.*pam_cracklib.so.*/password required pam_cracklib.so retry=2 dcredit=-4 ucredit=-1 ocredit=-1 lcredit=0 minlen=10 reject_username/g' /etc/pam.d/common-password
mark_completed $FUNCNAME
}
function create_password {
openssl rand -base64 32 | tr -dc A-Za-z0-9 | head -c ${1} ; echo ''
}
# NOTE: deliberately no exit 0