You're right, now it works :D Even though programming is my job and passion, now I see how much there is still to learn for me (and I am really greatful for pointing that).

To summarize, the command I use with docker to change password to NEW_PASS for user judgehost from command line is:

$ docker-compose exec db mysql -u domjudge -p \

-e "use domjudge; update user set password='$(htpasswd -bnB "" NEW_PASS | tr -d ':\n')' where username = 'judgehost';"

where "db" is simply a name for docker compose service. Thank you all for your help!

Cheers,

Michał

On Wed, Feb 20, 2019 at 7:25 PM Keith Johnson <kj@ubergeek42.com> wrote:

The beginning of the password contains a random salt(in a standardized format), and it changes every time you generate the password. But during verification, the code reads the salt from the hash and uses it with the submitted password to calculate the same hash.

See the description section here: https://en.m.wikipedia.org/wiki/Bcrypt

On Wed, Feb 20, 2019, 13:19 Michał Kaczanowicz <mj.kaczanowicz@gmail.com wrote:
My problem at the moment is - I checked several options for password hashing algorithm both with php and htpasswd and none of them matches value in db :(
In my example user is judgehost and password is test, and hash stored in db is:

$2y$10$FdUtw5PKeM/7aLjt1QI3uOVW5l9u4dG0F9q2SBWixiMzLNqaym76q

What's more cryptic to me, I "changed" the password via web interface several time to the same "test" password and each time record in db changed its value. Perheps someone has an idea on how is that even possible?

Cheers,
Michał

On Wed, Feb 20, 2019 at 9:03 AM Thijs Kinkhorst <thijs@kinkhorst.com> wrote:
Hi Michał,

On Tue, February 19, 2019 19:55, Michał‚ Kaczanowicz wrote:
> My current task is to deploy domjudge - or more precisely, to create a
> "one click deploy" configuration. I aim to use docker images of
> domserver and domjudge. I'd like to accomplish my task using docker and
> docker compose. But here comes a slight problem. After setting up
> domserver, I need to set new password for judgehost user. Setup manual
> suggest to do it "by hand", via web interface on admin account. Is there
> a way to do that programatically, e.g. simply updating password for
> judgehost user in domjudge.user table? How is the hash computed?

Interesting project! Would be great if you could share the results!

You should be able to use PHP's password_hash() on the desired string like
this:

$hash = password_hash("yourpasword", PASSWORD_DEFAULT);

Or on the command line:

htpasswd -bnB "" yourpassword|tr -d ":\n"

Cheers,
Thijs
_______________________________________________
DOMjudge-devel mailing list
DOMjudge-devel@domjudge.org
https://www.domjudge.org/mailman/listinfo/domjudge-devel

_______________________________________________
DOMjudge-devel mailing list
DOMjudge-devel@domjudge.org
https://www.domjudge.org/mailman/listinfo/domjudge-devel