Last active
June 1, 2022 22:36
-
-
Save rc4/305a7f9cf945127fd045546cad4b13e5 to your computer and use it in GitHub Desktop.
Simple Perl script to generate salted SHA-256 password for FreeRADIUS PAP authentication (see https://networkradius.com/doc/current/raddb/mods-available/pap.html). No external dependencies; only uses core modules (so it should work out-of-the-box on any system).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl | |
| use Digest::SHA; | |
| use MIME::Base64; | |
| print "Enter password: "; | |
| system( 'stty -echo' ); | |
| chomp( $password = <STDIN> ); | |
| system( 'stty echo' ); | |
| print "\n"; | |
| $sha = Digest::SHA->new( 'sha256' ); | |
| $sha->add( $password ); | |
| $sha->add( $^T . $$ ); # Use Unix epoch at start of execution & current PID for the salt | |
| $enc = encode_base64( $sha->digest . $^T . $$, '' ); | |
| print "All set! Add this line to your config:\n"; | |
| print "(username) Password-With-Header := \"{ssha256}$enc\"\n"; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment