[opensuse-security] Re: strong password with libcrypt
Hi,

Is there a way to implement strong passwords on sles10? I have heard about libcrypt, how will I implement it with strong passwords, like if a user changes his password, sles will try to decrypt it, and if the password fails then he will inform the user like hey improve your password.

Please help.

Thanks,
Jay

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security+help@opensuse.org
On Friday 16 May 2008 05:25:04 Jay Jesus Amorin wrote:
> Hi,
> Is there a way to implement strong passwords on sles10? I have heard about libcrypt, how will I implement it with strong passwords, like if a user changes his password, sles will try to decrypt it, and if the password fails then he will inform the user like hey improve your password.
> Please help.
> Thanks,
> Jay
In the suse-oss repo there is a package called seccheck. Here's the description:

"Regularly executable scripts (via cron) for checking the security of your system."

Amongst other checks (file perms, open sockets, etc.) it uses a program called john (for John the Ripper I think) that attempts to decrypt all the user account passwords.

An email is sent to the root account with the results of the checks.

It doesn't validate the user's new password like you want, but perhaps this could be useful for you?

Alvin
The Friday 2008-05-16 at 06:15 -0300, Alvin wrote:
> In the suse-oss repo there is a package called seccheck. Here's the description:
> "Regularly executable scripts (via cron) for checking the security of your system."
> Amongst other checks (file perms, open sockets, etc.) it uses a program called john (for John the Ripper I think) that attempts to decrypt all the user account passwords.
> An email is sent to the root account with the results of the checks.
> It doesn't validate the user's new password like you want, but perhaps this could be useful for you?
It also needs you to install "john" and its database (john-wordlists...rpm). It runs as a cron job every week and it is terribly slow. Slow as in /days/. It is worse than old beagle and old zypper, together, at their worst.

Without john installed the secchk task will complain every week that john is not installed, but that's fine.

--
Cheers,
Carlos E. R.
On Fri, May 16, 2008 at 11:46:11AM +0200, Carlos E. R. wrote:
> The Friday 2008-05-16 at 06:15 -0300, Alvin wrote:
>> In the suse-oss repo there is a package called seccheck. Here's the description:
>> "Regularly executable scripts (via cron) for checking the security of your system."
>> Amongst other checks (file perms, open sockets, etc.) it uses a program called john (for John the Ripper I think) that attempts to decrypt all the user account passwords.
>> An email is sent to the root account with the results of the checks.
>> It doesn't validate the user's new password like you want, but perhaps this could be useful for you?
> It also needs you to install "john" and its database (john-wordlists...rpm). It runs as a cron job every week and it is terribly slow. Slow as in /days/. It is worse than old beagle and old zypper, together, at their worst.
> Without john installed the secchk task will complain every week that john is not installed, but that's fine.
I think the original poster just wants some PAM checks we already have.

man pam_pwcheck

Ciao, Marcus
Probably this could help me with my problem, but what I want is
every time a user creates a password, it would be matched against a
password cracking library like cracklib and if it matches it would
inform the user that the password he inputs is weak and he needs to
provide another one.
Thanks for your ideas.
On Fri, May 16, 2008 at 5:15 PM, Alvin
> On Friday 16 May 2008 05:25:04 Jay Jesus Amorin wrote:
>> Hi,
>> Is there a way to implement strong passwords on sles10? I have heard about libcrypt, how will I implement it with strong passwords, like if a user changes his password, sles will try to decrypt it, and if the password fails then he will inform the user like hey improve your password.
>> Please help.
>> Thanks,
>> Jay
> In the suse-oss repo there is a package called seccheck. Here's the description:
> "Regularly executable scripts (via cron) for checking the security of your system."
> Amongst other checks (file perms, open sockets, etc.) it uses a program called john (for John the Ripper I think) that attempts to decrypt all the user account passwords.
> An email is sent to the root account with the results of the checks.
> It doesn't validate the user's new password like you want, but perhaps this could be useful for you?
> Alvin
--
The one who asked is a fool. The one who did not ask remained a fool.
-jayamorin
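
The change-time check Jay describes, as an added example that is not part of the thread and is not the code of pam_pwcheck or cracklib: it tests the plaintext the user has just typed, before it is hashed, so nothing has to be decrypted. The wordlist, the rule set and the function names are assumptions made for illustration.

```python
import re

# Constructed sample wordlist (assumption); a real deployment would use the
# system's cracklib dictionary instead of this inline set.
WORDLIST = {"password", "secret", "dragon", "welcome", "letmein", "suse"}

# Common character substitutions, mapped back to letters.
LEET = str.maketrans("0134578@$!", "oieastbasi")


def candidates(password):
    """Return simple de-mangled forms that a cracker's rules would also try."""
    low = password.lower()
    forms = {low, low[::-1], low.translate(LEET)}
    for form in list(forms):
        # Strip leading/trailing digits and punctuation: "dragon2008!" -> "dragon".
        forms.add(re.sub(r"^[^a-z]+|[^a-z]+$", "", form))
    return forms


def check_new_password(user, old, new, minlen=8):
    """Return None if the new password is acceptable, else the reason to show."""
    if len(new) < minlen:
        return f"too short (minimum {minlen} characters)"
    if old and new.lower() == old.lower():
        return "same as the old password apart from case"
    if old and new.lower() == old.lower()[::-1]:
        return "old password reversed"
    forms = candidates(new)
    if user.lower() in forms:
        return "based on the user name"
    hit = forms & WORDLIST
    if hit:
        return f"based on a dictionary word ({sorted(hit)[0]})"
    if len(set(new)) < 5:
        return "too few different characters"
    return None
```

A password-change front end would call `check_new_password()` and, on a non-None result, print the reason and prompt again instead of storing the hash.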
participants (4)
- Alvin
- Carlos E. R.
- Jay Jesus Amorin
- Marcus Meissner