Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] MD5 passwords again
  • From: Alex Levit <alex@xxxxxxxxxxx>
  • Date: Sat, 26 Jan 2002 06:58:49 -0800
  • Message-id: <200201261456.g0QEuQH15322@xxxxxxxxxxxxxxxxxxxxxxx>
Dobry deni.

make a copy of your /etc/pam.d/pop first, just in case :)

then update your /etc/pam.d/pop,
Replace all lines in that file with:

auth sufficient /lib/security/ likeauth nullok md5 shadow
auth required /lib/security/
account sufficient /lib/security/
account required /lib/security/
password sufficient /lib/security/ nullok use_authtok md5 shadow
password required /lib/security/
session required /lib/security/
session required /lib/security/

Make sure that
is on the first line.
You can also modify the current settings if they seem too relaxed to you.
For example: you can take out nullok, but make sure everything works
before you start playing with different settings.

Nu schastlivo. :)

On Saturday 26 January 2002 06:29, Alex Levit wrote:
> Please send contents of your /etc/pam.d/pop
> On Thursday 24 January 2002 23:13, Boris Kimel wrote:
> > Hello All,
> >
> > Sorry to annoy you, but POP3 doesn't recognize MD5 passwords. All other
> > services are ok. POP3 works perfect for the users whose passwords were
> > not changed yet (i.e. were not converted to MD5).
> >
> > Why should I want MD5 passwords? That's simple: we had a RedHat system
> > using MD5 passwords and
> > (i) we'd like to transfer all the users with their passwords to SuSE;
> > (ii) the existing passwords are longer than 8 characters.
> >
> > Looks like I need further reading on the PAM, but maybe there's a proven
> > approach?
> >
> > Thanks,

Alex Levit

Excellent day to have a rotten day.

< Previous Next >