Adam Lewenberg <[email protected]> writes: > I have a newly-built Debian buster server. I have installed the heimdal > packages that are available in the buster distribution (currently, these > all have version number 7.5.0+dfsg-2).
> I have this in /etc/krb5.conf: > [password_quality] > policies = minimum-length > min_length = 10 > When I change the password for a user to one that is one-character long, > kadmin lets me. Here is the command: > % kadmin -p joeuser passwd -p A janeuser > [email protected]'s Password: > % (no error shown) > How do I configure it so that heimdal respects the [password_quality] > stanza? Password changes by administrators bypass all password quality checks on Heimdal without https://github.com/heimdal/heimdal/pull/320, which was applied locally to Stanford's build of Heimdal. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/>
