Re: RFC: changes to default password strength checks in pam_unix

To: debian-devel@lists.debian.org
Subject: Re: RFC: changes to default password strength checks in pam_unix
From: John Kelly <jak@isp2dial.com>
Date: 03 Sep 2007 23:40:07 -0400
Message-id: <[🔎] Prayer.1.0.18.0709032340070.5389@daves.isp2dial.com>
In-reply-to: <[🔎] 1188873845.31104.2.camel@dorfl.lan>
References: <[🔎] 20070902194736.GA10366@dario.dodds.net> <[🔎] 1188873845.31104.2.camel@dorfl.lan>

On Sep 3, Lars Wirzenius wrote:

ti, 2007-09-04 kello 10:17 +0900, Miles Bader kirjoitti:

If the system is excessively anal about what passwords it will let you
use, people will just start writing them down...

That is arguably better than having passwords which can be guessed by
doing brute-force attackes over ssh.

I stop brute force attacks by sending auth log messages to a FIFO which Iread with a perl script. After 10 login failures, your IP is firewalled for24 hours.


Works great.

Reply to:

Follow-Ups:
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Don Armstrong <don@debian.org>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Oleg Verych <for.gmane@flower.upol.cz>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Lars Wirzenius <liw@iki.fi>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Antti-Juhani Kaijanaho <antti-juhani@kaijanaho.fi>

References:
- RFC: changes to default password strength checks in pam_unix
  - From: Steve Langasek <vorlon@debian.org>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Lars Wirzenius <liw@iki.fi>

Prev by Date: Re: RFC: changes to default password strength checks in pam_unix
Next by Date: Re: RFC: changes to default password strength checks in pam_unix
Previous by thread: Re: RFC: changes to default password strength checks in pam_unix
Next by thread: Re: RFC: changes to default password strength checks in pam_unix
Index(es):
- Date
- Thread