On Tue, Jan 31, 2012 at 10:55:33AM +0100, Fabian Greffrath wrote: > Package: cracklib2 > Severity: wishlist > > Hi, > > it would be nice if there was a cracklib udeb which could be integrated > into d-i to allow for password quality checking for the root and first > user password entered during installation. It wouldn't necessarily block > installation if the chosen password is of bad quality, just inform the > user. I find it embarrassing if Debian accepts root passwords like "1234" > or "qwer" without even complaining. ;)
I like the idea.
A word list in a binary format (built from text word lists by
cracklib-format from package cracklib-runtime) is required for libcrack2 to
be useful. This would mean that the udeb should either install the binary
dictionary file or build it at install time.
I did not yet create any udebs yet and have to investigate how to do it.
Patches (to be applied to the package's git repository) would be very
welcome.
Kind regards
Jan
--
Jan Dittberner - Debian Developer
GPG-key: 4096R/558FB8DD 2009-05-10
B2FF 1D95 CE8F 7A22 DF4C F09B A73E 0055 558F B8DD
http://ddportfolio.debian.net/ - http://people.debian.org/~jandd/
signature.asc
Description: Digital signature
