On Nov 5, 2005, at 3:42 PM, Todd Walton wrote:
password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3password sufficient pam_unix.so nullok md5 shadow use_authtok password required pam_deny.soThis doesn't enforce strong passwords, it just says, 'You don't have one. Reconsider.' (Effectively.)
Well, if you're not root, and you try to set a weak password, it won't let you.
I.e., if I try to use a bad password on my FC4 box while trying to change it, I get this:
[EMAIL PROTECTED](pts/1):~ 1 $ passwd Changing password for user gkade. Changing password for gkade (current) UNIX password: New UNIX password: BAD PASSWORD: it is based on a dictionary word New UNIX password: BAD PASSWORD: it is based on a dictionary word New UNIX password: Retype new UNIX password:The only reason it let me go on was because I typed a sufficiently "good" password that last time.
On my FC4 box, the options for pam_cracklib are in /usr/share/doc/ pam-0.79/README.pam_cracklib.
Gregory -- Gregory K. Ruiz-Ade <[EMAIL PROTECTED]> OpenPGP Key ID: EAF4844B keyserver: pgpkeys.mit.edu
PGP.sig
Description: This is a digitally signed message part
-- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
