jessie/testing pam_unix2 (2.6-1) module is compiled without blowfish support
Package: libpam-unix2
Version: 2.6-1
Severity: grave
Justification: package is unusable as its main feature is not supported
Module libpam_unix2 is compiled without blowfish support. Password change finishes with error:
root@straightXedge:/usr/share/pam-configs# passwd
New Password:
Reenter New Password:
crypt_r: Don't know 0
Error: Password NOT changed.
passwd: Authentication token manipulation error
passwd: password unchanged
Lack of blowfish support is shown in debugs:
root@straightXedge:/lib/security# cat /var/log/auth.log | grep "19:12"
Nov 17 18:19:12 straightXedge sshd[3638]: Failed password for root from 192.168.40.1 port 65354 ssh2
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): Unknown option: `blowfish'
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): pam_sm_chauthtok() called
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): username=[root]
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): No old password found.
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): Unknown option: `blowfish'
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): pam_sm_chauthtok() called
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): username=[root]
Nov 17 19:12:02 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): No old password found.
Nov 17 19:12:05 straightXedge passwd[6686]: pam_unix2(passwd:chauthtok): No blowfish support compiled in
I am using the most up-to-date versions of libpam-unix2 and libxcrypt packages.
root@straightXedge:/lib/security# dpkg -l | grep -e "unix2 \| libxcrypt \| libpam0g"
ii libpam-unix2 1:2.6-1 i386 Blowfish-capable PAM module
ii libxcrypt1 1:2.4-3 i386 Crypt library for DES, MD5, and blowfish
ii libpam0g:i386 1.1.3-9 i386 Pluggable Authentication Modules library
This bug was previously reported in as #487487.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487487
I replaced the .so library with the previous wheezy 2.4.1 version and the problem is solved.
root@straightXedge:/lib/security# passwd
New Password:
Reenter New Password:
Password changed.
passwd: password updated successfully
Please recompile it with blowfish support.
regards,
Lukasz
Reply to: