Re: [d-security] SSH
On Thu, May 16, 2002 at 02:26:37PM +0200, Pawel Romanek wrote:
> Then I was playing with sshd I had discovered
> that it checks only 8 (first) characters
> of my password, the remainder can be omitted ;)
That's normal for passwords using the standard unix crypt() function (like
"aI24pyUVhurNU" in /etc/shadow) and can be avoided by using md5 passwords
(like "$1$6E9lY9qv$KsAJ8K7yPlkdQoQurSds/0" in /etc/shadow) or maybe an
authentication other than /etc/shadow.
Read the docs in /usr/share/doc/passwd and "man 3 crypt".
> Regards
> P.R.
bye,
-christian-
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to:
- References:
- SSH
- From: Pawel Romanek <promanek@hektor.umcs.lublin.pl>