Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Securing passwords on servers

0 views
Skip to first unread message

Craig Vincent

unread,
Nov 16, 1999, 3:00:00 AM11/16/99
to
Is there anything I could so that password changes from my users are
rejected if they don't meet the requirements I specified in PAM?
Right now it only warns it's a bad password but still allows it to be used.

(Linux RedHat 6.1)

--
Sincerely,

Craig Vincent
Senior Webmaster/Programmer
Web Dream Inc.

Colin McKinnon

unread,
Nov 17, 1999, 3:00:00 AM11/17/99
to
Craig Vincent wrote in message <8DeY3.652$Fo....@198.235.216.4>...

I had a look on my system, and like yours, it only warns even though
pam_cracklib.so is a required module. I guess you'd have to get hold of
pam_cracklib.so - there may be a make option, or you may have to hack it a
bit.

see
http://www.mirror.ac.uk/sites/ftp.kernel.org/pub/linux/libs/pam/modules.html

(or your local mirror) for more info & source.

--
+------------------------------+---------------------------+
| Retype address to send Email | spambots, please send your|
| | Email to |
+------------------------------+---------------------------+
| colin at wew dot co dot uk | sp...@whowhere.com |
| colinmckinnon at technologist| ro...@127.0.0.1 |
| dot com | postmaster@localhost |
+------------------------------+---------------------------+

James Boylan

unread,
Nov 17, 1999, 3:00:00 AM11/17/99
to
In article <i4fu08...@Lonmay.wew.co.uk>, "Colin McKinnon" <colin at wew dot co dot uk> wrote:
>Craig Vincent wrote in message <8DeY3.652$Fo....@198.235.216.4>...
>>Is there anything I could so that password changes from my users are
>>rejected if they don't meet the requirements I specified in PAM?
>>Right now it only warns it's a bad password but still allows it to be used.
>>
>>(Linux RedHat 6.1)
>>
>>--
>>Sincerely,
>>
>>Craig Vincent
>>Senior Webmaster/Programmer
>>Web Dream Inc.
>>
>>
>>
>>
>
>I had a look on my system, and like yours, it only warns even though
>pam_cracklib.so is a required module. I guess you'd have to get hold of
>pam_cracklib.so - there may be a make option, or you may have to hack it a
>bit.
>
>see
>http://www.mirror.ac.uk/sites/ftp.kernel.org/pub/linux/libs/pam/modules.html
>
>(or your local mirror) for more info & source.
>

This is important to remember. With most RedHat Distributions the root user
can set any password, but if any normal user tries to and gets the bad
password error, it won't accept it.

This may have changed in the 6.1 dist, but I don't see why they would have.

James.

Craig Vincent

unread,
Nov 17, 1999, 3:00:00 AM11/17/99
to
> This is important to remember. With most RedHat Distributions the root
user
> can set any password, but if any normal user tries to and gets the bad
> password error, it won't accept it.
>
> This may have changed in the 6.1 dist, but I don't see why they would
have.

James you're absolutely right....thank you for setting things straight for
me :)

0 new messages