-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Out of curiosity, I installed john to see how it handled. 21335 ? S 0:00 /bin/sh -c test -x /usr/lib/secchk/security-control.sh && /usr/lib/secchk/security-control.sh weekly & 21340 ? S 0:00 \_ /bin/sh /usr/lib/secchk/security-control.sh weekly 21345 ? S 0:00 \_ /bin/sh /usr/lib/secchk/security-control.sh weekly 21346 ? S 0:00 \_ /bin/sh /usr/lib/secchk/security-weekly.sh 22246 ? RN 389:39 \_ john -rules -w:/var/lib/secchk/dict /var/lib/secchk/passwd.21346 As you see, it is slooooww... even days. I didn't even install "john-wordlists", the 41 MiB "huge word lists for John the Ripper (a fast password cracker)", as the rpm description goes. I expected it to be slow, but... why does it has to try to crack passwords that have not changed during the last week? Could the "security-weekly.sh" script be improved to detect changed passwords and only try those? - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFF7BKxtTMYHG2NR9URAkOJAJsHtcZR107vc82Fh+upTUmex9a0rgCfTEUv dTQwUC0jrH6cujcgf+e6ZfM= =4OCV -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org