jessie/testing pam_unix2 (2.6-1) module is compiled without blowfish support

To: submit@bugs.debian.org
Cc: packages@qa.debian.org
Subject: jessie/testing pam_unix2 (2.6-1) module is compiled without blowfish support
From: "Lukasz Szczepanski" <lukasz.szczepanski@Safe-mail.net>
Date: Sun, 17 Nov 2013 13:45:14 -0500
Message-id: <[🔎] N1-WUUB1rRsvC@Safe-mail.net>

Package: libpam-unix2
Version: 2.6-1
Severity: grave
Justification: package is unusable as its main feature is not supported


Module libpam_unix2 is compiled without blowfish support. Password change finishes with error:

root@straightXedge:/usr/share/pam-configs# passwd
New Password:
Reenter New Password:
crypt_r: Don't know 0
Error: Password NOT changed.
passwd: Authentication token manipulation error
passwd: password unchanged

Lack of blowfish support is shown in debugs:

root@straightXedge:/lib/security# cat /var/log/auth.log | grep "19:12"
Nov 17 18:19:12 straightXedge sshd[3638]: Failed password for root from 192.168.40.1 port 65354 ssh2
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): Unknown option: `blowfish'
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): pam_sm_chauthtok() called
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): username=[root]
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): No old password found.
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): Unknown option: `blowfish'
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): pam_sm_chauthtok() called
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): username=[root]
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): No old password found.
Nov 17 19:12:05 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): No blowfish support compiled in

I am using the most up-to-date versions of libpam-unix2 and libxcrypt packages.

root@straightXedge:/lib/security# dpkg -l | grep -e "unix2 \| libxcrypt \| libpam0g"
ii  libpam-unix2                        1:2.6-1                   i386         Blowfish-capable PAM module
ii  libxcrypt1                          1:2.4-3                   i386         Crypt library for DES, MD5, and blowfish
ii  libpam0g:i386                       1.1.3-9                   i386         Pluggable Authentication Modules library

This bug was previously reported in as #487487.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487487

I replaced the .so library with the previous wheezy 2.4.1 version and the problem is solved. 

root@straightXedge:/lib/security# passwd
New Password:
Reenter New Password:
Password changed.
passwd: password updated successfully


Please recompile it with blowfish support.

regards,
Lukasz

Reply to:

Prev by Date: Bug#725569: marked as done (libpam-unix2: FTBFS: configure.in:36: error: required file './compile' not found)
Next by Date: Processed: found 696366 in 1:1.8.2-1, found 696366 in 1:1.8.2-1squeeze5, found 664729 in 2.1.25.dfsg1-17 ...
Previous by thread: Bug#725569: marked as done (libpam-unix2: FTBFS: configure.in:36: error: required file './compile' not found)
Next by thread: Processed: found 696366 in 1:1.8.2-1, found 696366 in 1:1.8.2-1squeeze5, found 664729 in 2.1.25.dfsg1-17 ...
Index(es):
- Date
- Thread