Hi! I have a problem concerning password aging on SuSE 6.3. If a password expires the user is prompted for the new password at the login time. The problem is that he/she can enter an empty one just by hitting Enter twice. No checks for minimum password lenght, no cracklib checks - and these are enabled in etc/login.defs. Changing the password from the prompt works normally with all the checks in effect. So, is there a way to enable atleast the minimum password lenght check? Any comments and/or suggestions would be appreciated. Regards, Daniel.
Hi, On Wed, Mar 29, Schoeberle Daniel wrote:
Hi! I have a problem concerning password aging on SuSE 6.3. If a password expires the user is prompted for the new password at the login time. The problem is that he/she can enter an empty one just by hitting Enter twice. No checks for minimum password lenght, no cracklib checks - and these are enabled in etc/login.defs. Changing the password from the prompt works normally with all the checks in effect. So, is there a way to enable atleast the minimum password lenght check? Any comments and/or suggestions would be appreciated.
Are you sure that you has enabled the use of cracklib ? You need password required /lib/security/pam_unix.so strict=true in the config files for every program, which is able to change the password. SuSEconfig makes this changes, if you set USE_CRACKLIB to "true". Minimum password length and the other, old shadow features are implemented in SuSE Linux 6.4 with the new pam_pwcheck module. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg Linux is like a Vorlon. It is incredibly powerful, gives terse, cryptic answers and has a lot of things going on in the background.
participants (2)
-
Schoeberle Daniel -
Thorsten Kukuk