On Mon, 6 Nov 2006, Jan Engelhardt wrote:

> >I know the host that does the email. I know all the hosts that do not do
> >it. They all run seccheck
> >
> >START_SECCHK=yes in /etc/sysconfig/seccheck
> >
> >They all have john installed and when I run it does show the same
> >usernames with the weak passwords. What I can not figure out is why only
> >this one system generates the emails. They either all should or all not.
> >But this one system is the only one that does. I am stumped as to what is
> >different.

The file that generates the email is in /usr/lib/secchk. It is security-weekly.sh. Which is what I wanted to know. So thanks.

> Since you replicate the password database (/etc/shadow or others), a
> user may change his "weak" password into a good one, without the host
> noticing.
>
> In other words, the script that checks for weak passwords
>
> (1) ASSUMES that you have to login ON THAT PARTICULAR MACHINE to
> change your password.
>
> (2) ASSUMES that once you have logged in to that particular machine
> you are going to change your password - which is a wrong
> assumption. Password change is often not enforced on first login.
> File a bug report for (2).

The strange problem is that I ssh to the machine that sends me the email daily. I do not use the KDE login. I have used it 3 times on this machine. On one of the machines that does not send me an email I do log on to it daily with ssh as well, but I do use the KDE login on it daily.

So I have my question answered. I wanted to know what program did it. Now I just have to understand why one machine judges the exact same password as OK on one machine but insecure on another. At least I now know what I am looking for.

Thanks,

--
Boyd Gerber <[EMAIL PROTECTED]>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047
