Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] MD5 passwords again
  • From: Alex Levit <alex@xxxxxxxxxxx>
  • Date: Sat, 26 Jan 2002 06:58:49 -0800
  • Message-id: <200201261456.g0QEuQH15322@xxxxxxxxxxxxxxxxxxxxxxx>
Dobry deni.

make a copy of your /etc/pam.d/pop first, just in case :)

then update your /etc/pam.d/pop,
Replace all lines in that file with:

#%PAM-1.0
auth sufficient /lib/security/pam_unix.so likeauth nullok md5 shadow
auth required /lib/security/pam_deny.so
account sufficient /lib/security/pam_unix.so
account required /lib/security/pam_deny.so
password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so


P.S.
Make sure that
#%PAM-1.0
is on the first line.
You can also modify the current settings if they seem too relaxed to you.
For example: you can take out nullok, but make sure everything works
before you start playing with different settings.


Nu schastlivo. :)


On Saturday 26 January 2002 06:29, Alex Levit wrote:
> Please send contents of your /etc/pam.d/pop
>
> On Thursday 24 January 2002 23:13, Boris Kimel wrote:
> > Hello All,
> >
> > Sorry to annoy you, but POP3 doesn't recognize MD5 passwords. All other
> > services are ok. POP3 works perfect for the users whose passwords were
> > not changed yet (i.e. were not converted to MD5).
> >
> > Why should I want MD5 passwords? That's simple: we had a RedHat system
> > using MD5 passwords and
> > (i) we'd like to transfer all the users with their passwords to SuSE;
> > (ii) the existing passwords are longer than 8 characters.
> >
> > Looks like I need further reading on the PAM, but maybe there's a proven
> > approach?
> >
> > Thanks,

---
Alex Levit

--
Excellent day to have a rotten day.

< Previous Next >
References