Re: pam_cracklib password length problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Are you attempting to change the password as root?  If so cracklib doesn't check length or any of the other parameters in that line from what I recall.  If you need passwords by root to be verified I suggest that you check out the Openwall project.  Specifically the passwdqc module that they provide:

http://www.openwall.com/passwdqc/

It allows for much more stringent rules to be followed.



On 4/26/07, k03fra-pam@xxxxxxxx <k03fra-pam@xxxxxxxx> wrote:
I have been attempting enable pam_cracklib to check the minimum password length.
Therefore I've added minlen=10 to the cracklib line of the password section of /etc/pam.d/system-auth of a asterisk@home/CentOS3 installation. All other lines are unchanged.

#%PAM-1.0
#This file ......
...
password     required    /lib/security/$ISA/pam_cracklib.so retry=3 minlen=10
password     sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password     required    /lib/security/$ISA/pam_deny.so

Still passwords with a minimum of 6 characters are accepted. If I change retry to 5, 5 retries are possible. This tell me I must be editing the correct file.
I'm sure something is missing but after searching the web I still can't figure out what it is.


Heute schon einen Blick in die Zukunft von E-Mails wagen? Versuchen Sie´s mit dem neuen Yahoo! Mail.


_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux