>>>>> "Henry" == Henry B Hotz <[EMAIL PROTECTED]> writes:
Henry> Does the MIT code have a user hook in the change password
Henry> function where I can link in cracklib?
No. Nicolas Williams from Sun has proposed that the right way to do this is for the KDC to use libpam on systems that have it and to use the password stack to run modules like cracklib. This seems like an interesting approach to try, but we have not yet implemented it.
I agree that doing the check in PAM on the client side is interesting, but it fulfills a different goal.
In my case the goal is institutional enforcement of some QA on passwords. That means it has to be done at the server end, like Heimdal does it. I suppose that I have the option of looking through the source code and implementing it myself. I was just hoping it was easier than that. (Consider this a feature request.)
--
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
[EMAIL PROTECTED], or [EMAIL PROTECTED]
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
