Heimdal and cracklib

To: Debian User List <debian-user@lists.debian.org>
Subject: Heimdal and cracklib
From: Anton Emmerfors <anton@vegasys.com>
Date: Wed, 17 Dec 2003 13:04:57 +0100
Message-id: <[🔎] 20031217120458.0DC863C39@galadriel>
Mail-followup-to: Debian User List <debian-user@lists.debian.org>

Hi,

I'm looking to incorporate password quality control in my Heimdal KDC
using cracklib. I found the following in the Heimdal manuals:

	[password_quality]
        	check_library = library
        	check_function = function

		The function function in the shared library library will
		be called for proposed new passwords. The function
		should be declared as: 

		const char * function(krb5_context context,
		krb5_principal principal, krb5_data *pwd);

		The function should verify that pwd is a good password
		for principal and if so return NULL. If it is deemed to
		be of low quality, it should return a string explaining
		why that password should not be used. 

		Code for a password quality checking function that uses
		the cracklib library can be found in
		kpasswd/sample_password_check.c in the source code
		distribution. It requires the cracklib library built
		with the patch available at
		<ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch>


Now I'm wondering if the code mentioned in the Heimdal docs incorporated
and does Debian cracklib2 have the proper patch? If so, what do I need
to put in my krb5.conf entry to make it work?

	/Anton
-- 
I've got "rm -rf" and I'm not afraid to use it

Reply to:

Follow-Ups:
- Re: Heimdal and cracklib
  - From: Anton Emmerfors <anton@vegasys.com>

Prev by Date: Re: supported hardware
Next by Date: Re: supported hardware
Previous by thread: Re: My Debian box can't connect Internet (RESEND)
Next by thread: Re: Heimdal and cracklib
Index(es):
- Date
- Thread