Mailinglist Archive: opensuse-security (9 mails)

< Previous Next >
Re: [opensuse-security] Re: strong password with libcrypt
  • From: Alvin <alvinbeach@xxxxxxxxx>
  • Date: Fri, 16 May 2008 06:15:15 -0300
  • Message-id: <200805160615.15983.alvinbeach@xxxxxxxxx>
On Friday 16 May 2008 05:25:04 Jay Jesus Amorin wrote:
Hi,

Is there a way to implement strong password on sles10? I have hear
about libcrypt, how will i implement it with strong password, like if
a user change his password, sles will try to decrypt it, and if the
password fails then he will inform the user like hey improve your
password.

Please help.

Thanks,

Jay

In the suse-oss repo there is a package called seccheck. Here's the
description:

"Regularly executable scripts (via cron) for checking the security of
your system."

Amongst other checks (file perms, open sockets, etc.) it uses a program called
john (for John the Ripper I think) that attempts to decrypt all the user
account passwords.

An email is sent to the root account with the results of the checks.

I doesn't validate the user's new password like you want, but perhaps this
could we usefull for you?

Alvin




---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx

< Previous Next >
List Navigation
References