Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] long passwords
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Tue, 26 Feb 2002 21:33:53 +0100 (MET)
  • Message-id: <Pine.LNX.4.44.0202262132240.12609-100000@xxxxxxxxxxxx>
>
> On two different SuSE machines (7.2 and 7.3), I am having a problem with
> them authenticating only from the first 8 characters of a password.
>
> Example, password is: ilovemyroot
>
> 'ilovemyr' and 'ilovemyr00t' will both pass authentication at console,
> and in any X applications (i.e. kdesu and kcheckpass)
>
> I have md5 enabled, and have verified the md5 entries in
> /etc/pam.d/passwd, /etc/pam.d/login, and /etc/pam.d/sshd
>
> Any thoughts? Anyone else with the same issues? I don't know much about
> pam and how it works.


Can you please verify that you really have an md5-password? If the crypted
password starts with the string $1$, then it's md5. This looks like it's
not md5, because the length of the password as stated in /etc/login.defs
is ignored for md5.

> thanks,
> michael

Thanks,
Roman.
--
- -
| Roman Drahtm├╝ller <draht@xxxxxxx> // "You don't need eyes to see, |
SuSE GmbH - Security Phone: // you need vision!"
| N├╝rnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- -


< Previous Next >
Follow Ups
References