Re: password quality script aka --with-cracklib replacement

2003-02-13 Thread David Collier-Brown -- Customer Engineering
Martin Pool wrote: The PAM module might store previous passwords in a database (e.g. tdb) that it maintains. Every time a password is set, it gets put in there, with any other appropriate information (date?). When a new password-setting attempt is made, it checks against the history, plus

Re: password quality script aka --with-cracklib replacement

2003-02-13 Thread Pierre Belanger
Hi, I started this mail yesterday ... 24h/day is not enough since the past few days :( First of all, I forget to state in the documentation that the external program also needs to send a .\n on a new line after sending the required fields. 1) Don't use recent password feature: I did not want

Re: password quality script aka --with-cracklib replacement

2003-02-13 Thread Andrew Bartlett
On Fri, 2003-02-14 at 05:05, Pierre Belanger wrote: Hi, I started this mail yesterday ... 24h/day is not enough since the past few days :( :-) First of all, I forget to state in the documentation that the external program also needs to send a .\n on a new line after sending the required

Re: password quality script aka --with-cracklib replacement

2003-02-13 Thread David Collier-Brown -- Customer Engineering
Andrew Bartlett wrote: or else your users change from password1 to password2 to password3 then back to password1. They sure do! I hate that... I spoke to my colleague, and he refreshed my memory about that part: we variously used crypt or an MD4

Re: password quality script aka --with-cracklib replacement

2003-02-13 Thread Richard Sharpe
On Fri, 14 Feb 2003, Andrew Bartlett wrote: On Fri, 2003-02-14 at 02:09, David Collier-Brown -- Customer Engineering wrote: Martin Pool wrote: The PAM module might store previous passwords in a database (e.g. tdb) that it maintains. Every time a password is set, it gets put in

Re: password quality script aka --with-cracklib replacement

2003-02-13 Thread John E. Malmberg
Richard Sharpe wrote: On Fri, 14 Feb 2003, Andrew Bartlett wrote: Anybody doing this 'must change password every x days' thing has to store the decrypted password, or else your users change from password1 to password2 to password3 then back to password1. Hmmm, I am not sure of that. What is

Re: password quality script aka --with-cracklib replacement

2003-02-13 Thread John H Terpstra
On Thu, 13 Feb 2003, John E. Malmberg wrote: Richard Sharpe wrote: On Fri, 14 Feb 2003, Andrew Bartlett wrote: Anybody doing this 'must change password every x days' thing has to store the decrypted password, or else your users change from password1 to password2 to password3 then back to

Re: password quality script aka --with-cracklib replacement

2003-02-13 Thread Martin Pool
On 14 Feb 2003, Andrew Bartlett [EMAIL PROTECTED] wrote: a) If we want the password-quality script to handle this, I think we'll all agree, storing clear text password is really not a good idea. Perhaps the interface should provide the new encrypted passwords to the external

Re: password quality script aka --with-cracklib replacement

2003-02-13 Thread Martin Pool
On 14 Feb 2003, Andrew Bartlett [EMAIL PROTECTED] wrote: Do we even need to save the decrypted password? A colleague once saved old encrypted passwords to allow the do they really know the old one test to be done via challenge-response. Different scripts might want to

Re: password quality script aka --with-cracklib replacement

2003-02-12 Thread Martin Pool
On 12 Feb 2003, Andrew Bartlett [EMAIL PROTECTED] wrote: Because we don't have the old password, doing this via PAM doesn't work. The pam_cracklib module doesn't apply the test if it's run as root, and won't run without the old password as a normal user. I know it won't work with the

password quality script aka --with-cracklib replacement

2003-02-11 Thread Pierre Belanger
Hi, Here's what I've come up with for the password quality script, cracklib replacement after exchanging a few emails and reading what came up on the mailing list. Your comments are again very welcome -- I've come up with this but if it's all wrong feel free to blast me ;-) I had good fun doing it and

Re: password quality script aka --with-cracklib replacement

2003-02-11 Thread Martin Pool
On 11 Feb 2003, Pierre Belanger [EMAIL PROTECTED] wrote: What is it? I have my own comments at the end ... From the documentation I wrote (even if I'm French I think it's not that bad!?!?!?): This looks good to me. Would it be possible to do this as a PAM module called by Samba? (Possibly

Re: password quality script aka --with-cracklib replacement

2003-02-11 Thread Andrew Bartlett
On Wed, 2003-02-12 at 15:50, Martin Pool wrote: On 11 Feb 2003, Pierre Belanger [EMAIL PROTECTED] wrote: What is it? I have my own comments at the end ... From the documentation I wrote (even if I'm French I think it's not that bad!?!?!?): This looks good to me. Would it be