[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] RaQ needs to be more picky about passwords
- Subject: Re: [cobalt-security] RaQ needs to be more picky about passwords
- From: John Bailey <support@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 20 Apr 2002 08:27:11 +0100 (BST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
>>> There's already a program on your RaQ to do that; I don't remember
>>> exactly what it is, but it's called by the passwd program (see "man
>>> passwd"). Sun, or you, could implement it.
>
> > I think (but I'm not positive) that what you're referring to is PAM. I
> > checked and my Raq4 uses pam-0.72.
>
> No, I'm talking about a program that tries to hack the password and if
> it can tells you it's too easy.
Err ... I think that Matthew was right. The 'program that tried to hack
the password' is the cracklib PAM module. It checks potential
passwords against a set of configurable rules and provides the ability
to specify custom dictionary files. See [1] for fuller details and [2]
for the config on your system.
PAM's got a nice API which allows you to make use of its advanced features
from your own applications.
Regards,
John
[1] http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.3
[2] /etc/pam.d/passwd