Re: extrange passwd behaviour

To: "debian-security@lists.debian.org" <debian-security@lists.debian.org>
Subject: Re: extrange passwd behaviour
From: Ruben Porras <nahoo82@telefonica.net>
Date: Thu, 04 Dec 2003 23:21:47 +0100
Message-id: <[🔎] 1070576506.826.43.camel@nahoo>
In-reply-to: <[🔎] 15248360656.20031204140524@redefine.org>
References: <[🔎] 1070568741.3684.14.camel@nahoo> <[🔎] 15248360656.20031204140524@redefine.org>

El jue, 04-12-2003 a las 22:05, Kevin escribió:
> > I've discovered that login, sudo, gdm only take care of the first 8
> > characters of the passwd. The following characters don't count. See the
> > following example (I've created a new user just to make the test)
> 
> If you are not using md5 passwords will have a max length of 8
> characters.  If you're using md5 your pam config for passwd etc should
> look something like this:
> password        required        pam_unix.so md5
> And the passwords in the shadow file should start with $1$

The problem was that I was not using md5 passwd. I don't know why
/etc/pam.d/passwd was set to allow fall-through to the 'other' service.

The debconf configuration of passwd says that md5 should be enabled.
I've tried to run dpkg-reconfigure passwd with no effect, but that is
another problem and off-topic here.

Putting the line by hand works perfectly.

Thanks.

Reply to:

Follow-Ups:
- Re: extrange passwd behaviour
  - From: "Riku Valli" <riku.valli@piilinna.net>

References:
- extrange passwd behaviour
  - From: Ruben Porras <nahoo82@telefonica.net>
- Re: extrange passwd behaviour
  - From: Kevin <coggy@redefine.org>

Prev by Date: Re: extrange passwd behaviour
Next by Date: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Previous by thread: Re: extrange passwd behaviour
Next by thread: Re: extrange passwd behaviour
Index(es):
- Date
- Thread