Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Archaic
On Sun, Aug 07, 2005 at 10:46:56PM -0700, Jim Gifford wrote: The point is it's not needed, it's in BLFS where it belongs. Yes, but this way it is known at the time when it would be most convenient. I personally don't see it as being any different than linking to a hint and it is a powerful tool

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Archaic
On Mon, Aug 08, 2005 at 12:54:34AM -0500, Randy McMurchy wrote: This would work. I would use [command] tags for the word 'sed' and I would for sure make the '-e ...' stuff in a [literal] tag so that it is all on one line though. Hrmm, literal, eh? I used para, but I'll make a render with

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Archaic
On Mon, Aug 08, 2005 at 12:57:56AM -0500, Randy McMurchy wrote: Exploiting weak passwords is the single most widely used method to gain access to a machine. FWIW, the SANS Top 20 lists weak passwords as the 5th likeliest vulnerability in Windows, and the 3rd likeliest in Linux. For Linux,

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Jim Gifford
Randy McMurchy wrote: From a technical standpoint Jim, you are just simply wrong. Exploiting weak passwords is the single most widely used method to gain access to a machine. What's needed is a way to enforce a password scheme, passwords greater than 8 characters, must contain alpha

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Archaic
On Mon, Aug 08, 2005 at 12:01:51AM -0600, Archaic wrote: Hrmm, literal, eh? I used para, but I'll make a render with literal. I'm guessing by the name of the tag, that parameter would not be used? Literal, by itself, doesn't seem to influence line wrapping, but I do prefer the font used with

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Randy McMurchy
Jim Gifford wrote these words on 08/08/05 01:17 CST: Not something that checks a word file, I would go for a password scheme enforcement solution for shadow or even a replacement of shadow altogether. Well great, Jim. We are getting somewhere. You obviously agree that a solution to provide

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Archaic
Okay, give a look: http://www.linuxfromscratch.org/~archaic/lfs-trunk/chapter06/shadow.html -- Archaic Want control, education, and security from your operating system? Hardened Linux From Scratch http://www.linuxfromscratch.org/hlfs

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Randy McMurchy
Archaic wrote these words on 08/08/05 01:25 CST: Literal, by itself, doesn't seem to influence line wrapping, I suppose I shouldn't have made literal, so [literal] :-) I was more thinking of things like [screen][userinput] type tags that force stuff to be on one line and be 'literal' (as to

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Randy McMurchy
Archaic wrote these words on 08/08/05 01:33 CST: Okay, give a look: That looks good. The only thing is perhaps: s/add/insert/ in the sentence. No telling how many folks will try to add (append) the -e script to the command instead of inserting where it belongs. -- Randy rmlscsi: [GNU ld

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Jim Gifford
The only solution right now is to add PAM with this module http://www.openwall.com/passwdqc. So you will need to get support for adding PAM and cracklib to LFS, which I'm not sure the community will support. -- LFS User # 2577 Registered Linux

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Archaic
On Mon, Aug 08, 2005 at 01:32:32AM -0500, Randy McMurchy wrote: I was more thinking of things like [screen][userinput] type tags that force stuff to be on one line and be 'literal' (as to what is encapsulated). Hrmm. Well if it is deemed to be more accurate using screen tags as opposed to

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Randy McMurchy
Jim Gifford wrote these words on 08/08/05 01:40 CST: So you will need to get support for adding PAM and cracklib to LFS, which I'm not sure the community will support. It was about 50-50 running with the CrackLib idea, however, some of the positives about CrackLib were adamant that PAM could

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Bruce Dubbs
Archaic wrote: I think PAM is evil. ;) Smiley noted, but do you really think this? In many cases it is unnecessary, but it is really useful in others. For instance, in a distributed system it is the only way I know of to use LDAP centralized passwords. -- Bruce --

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread M.Canales.es
On Monday, 8 August 2005 08:42, Archaic wrote: Hrmm. Well if it is deemed to be more accurate using screen tags as opposed to just para tags, that is easily fixed, but since we aren't actually typing in the command as seen, but rather inserting it into another command, I don't know if

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Matthew Burgess
Randy McMurchy wrote: Hi all, Well, I must say I thoroughly enjoyed the debate about adding CrackLib to LFS. There was a bunch of ideas thrown around. It seemed healthy for the list. Yep, I enjoyed it too. I was supposed to post my summary over the weekend, but Real Life got in the way as

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Jim Gifford
Randy, Have you verified that the bug with cracklib that was posted in BLFS from a long time back has been fixed? Here is what I remember of the bug. I know this issue had to deal with PAM but we had some complaints about it not working without PAM, the cause was due to cracklib being a

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Randy McMurchy
Jim Gifford wrote these words on 08/08/05 15:26 CST: Have you verified that the bug with cracklib that was posted in BLFS from a long time back has been fixed? Here is what I remember of the bug. I know this issue had to deal with PAM but we had some complaints about it not working

Re: Shadow/CrackLib - A compromise?

2005-08-08 Thread Archaic
On Mon, Aug 08, 2005 at 10:08:44AM -0500, Bruce Dubbs wrote: Smiley noted, but do you really think this? In many cases it is unnecessary, but it is really useful in others. For instance, in a distributed system it is the only way I know of to use LDAP centralized passwords. Radius and

Shadow/CrackLib - A compromise?

2005-08-07 Thread Randy McMurchy
Hi all, Well, I must say I thoroughly enjoyed the debate about adding CrackLib to LFS. There was a bunch of ideas thrown around. It seemed healthy for the list. Anyway, some of the folks who provided arguments why CrackLib should not be added had very good ideas about LFS, goals, etc. I tend to

Re: Shadow/CrackLib - A compromise?

2005-08-07 Thread Bryan Kadzban
Randy McMurchy wrote: In the Shadow instructions, a little note at the beginning of the package instructions saying that if you would like the system configured to support strong passwords, install CrackLib and add --with-libcrack to the configure script. It could probably be done in one

Re: Shadow/CrackLib - A compromise?

2005-08-07 Thread Justin R. Knierim
Randy McMurchy wrote: In the Shadow instructions, a little note at the beginning of the package instructions saying that if you would like the system configured to support strong passwords, install CrackLib and add --with-libcrack to the configure script. +1 Justin --

Re: Shadow/CrackLib - A compromise?

2005-08-07 Thread Archaic
On Sun, Aug 07, 2005 at 08:50:59PM -0500, Randy McMurchy wrote: It could probably be done in one sentence, two max, with a link to the BLFS CrackLib instructions. How's this wording grab you? http://www.linuxfromscratch.org/~archaic/lfs-trunk/chapter06/shadow.html -- Archaic Want control,

Re: Shadow/CrackLib - A compromise?

2005-08-07 Thread Randy McMurchy
Archaic wrote these words on 08/07/05 22:55 CST: How's this wording grab you? I feel terrible. I have made a huge mistake. There is another configuration that must be done for Shadow to use CrackLib. In the command that creates the /etc/login.defs file, the following addition to the existing

Re: Shadow/CrackLib - A compromise?

2005-08-07 Thread Randy McMurchy
Archaic wrote these words on 08/07/05 23:51 CST: I'm wondering if perhaps another note just prior to the original sed would be apropos, or if it should all be placed in the main note. The latter seems rather disconnected to me. I'm thinking it would be best inside the beginning note. 2

Re: Shadow/CrackLib - A compromise?

2005-08-07 Thread Randy McMurchy
Randy McMurchy wrote these words on 08/07/05 23:55 CST: I'm thinking it would be best inside the beginning note. 2 reasons. 1) The disconnection you mention 2) The command is long. It prolly won't fit on a PDF page so it needs to be split with a backslash and then *no* spaces before the

Re: Shadow/CrackLib - A compromise?

2005-08-07 Thread Randy McMurchy
Archaic wrote these words on 08/08/05 00:44 CST: As soon as the render is done, you can find the 2 notes example here: http://www.linuxfromscratch.org/~archaic/lfs-trunk/chapter06/shadow.html This would work. I would use [command] tags for the word 'sed' and I would for sure make the '-e