[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: pam_cracklib password length problem
- From: "Scott Gentry" <sgentry6 gmail com>
- To: k03fra-pam yahoo de, "Pluggable Authentication Modules" <pam-list redhat com>
- Cc:
- Subject: Re: pam_cracklib password length problem
- Date: Thu, 26 Apr 2007 08:42:15 -0400
Are you attempting to change the password as root? If so cracklib doesn't check length or any of the other parameters in that line from what I recall. If you need passwords by root to be verified I suggest that you check out the Openwall project. Specifically the passwdqc module that they provide:
http://www.openwall.com/passwdqc/
It allows for much more stringent rules to be followed.
On 4/26/07,
k03fra-pam yahoo de <k03fra-pam yahoo de> wrote:
I have been attempting enable pam_cracklib to check the minimum password length.
Therefore I've added minlen=10 to the cracklib line of the password section of /etc/pam.d/system-auth of a asterisk home/CentOS3 installation. All other lines are unchanged.
#%PAM-1.0
#This file ......
...
password required /lib/security/$ISA/pam_cracklib.so retry=3 minlen=10
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so
Still passwords with a minimum of 6 characters are accepted. If I change retry to 5, 5 retries are possible. This tell me I must be editing the correct file.
I'm sure something is missing but after searching the web I still can't figure out what it is.
Heute schon einen Blick in die Zukunft von E-Mails wagen? Versuchen SieĀ“s mit dem
neuen Yahoo! Mail.
_______________________________________________
Pam-list mailing list
Pam-list redhat com
https://www.redhat.com/mailman/listinfo/pam-list
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]