[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: extrange passwd behaviour

----- Original Message ----- 
From: "Ruben Porras" <nahoo82@telefonica.net>
To: <debian-security@lists.debian.org>
Sent: Friday, December 05, 2003 12:21 AM
Subject: Re: extrange passwd behaviour

El jue, 04-12-2003 a las 22:05, Kevin escribió:
> > I've discovered that login, sudo, gdm only take care of the first 8
> > characters of the passwd. The following characters don't count. See the
> > following example (I've created a new user just to make the test)
> If you are not using md5 passwords will have a max length of 8
> characters.  If you're using md5 your pam config for passwd etc should
> look something like this:
> password        required        pam_unix.so md5
> And the passwords in the shadow file should start with $1$

The problem was that I was not using md5 passwd. I don't know why
/etc/pam.d/passwd was set to allow fall-through to the 'other' service.

The debconf configuration of passwd says that md5 should be enabled.
I've tried to run dpkg-reconfigure passwd with no effect, but that is
another problem and off-topic here.

Putting the line by hand works perfectly.



In Debian default

# Number of significant characters in the password for crypt().
# Default is 8, don't change unless your crypt() is better.
# If using MD5 in your PAM configuration, set this higher.
PASS_MAX_LEN            8

-- Riku

To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact

Reply to: