also sprach Christian Jaeger <christian.jaeger@sl.ethz.ch> [2002.01.19.0130 +0100]:
> You could just use the cracklib yourself before accepting the
> password and feeding it to the passwd command. I'm doing it this way.
but that wouldn't solve my problem. it wouldn't enforce digits and/or
symbols. cracklib doesn't really do that.
aside, feeding the output to the passwd command is more of a pain, and i
want to use PAM simply because it's the cleanest approach, and that's
what it was designed for.
> BTW the only thing that's still very unclear to me is where cracklib
> get's the dictionary files from. The manpage states that there's a
> cronjob for it but I don't yet understand what it does.
/etc/cracklib/cracklib.conf basically gets a list of all files in
/usr/share/dict and /usr/dict, which the cronjob then uses to assemble
/var/cache/cracklib/cracklib_dict.{hwm,pw{d,i}}. these are the actual
data used by cracklib, compiled to enhance performance. makes sense now?
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
"i wish there was a knob on the tv to turn up the intelligence.
there's a knob called 'brightness', but it doesn't seem to work."
-- gallagher
Attachment:
pgp4HlLESOX_N.pgp
Description: PGP signature