LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   PAM module:passwd:- how many character validate by pam library (https://www.linuxquestions.org/questions/linux-general-1/pam-module-passwd-how-many-character-validate-by-pam-library-677747/)

amit_pansuria 10-20-2008 03:23 AM
password verification verify password of a user for only first 8 characters
 
Helo ,
I m using linux pam library for user and its password authentication.
I m creating new user and giving its password.I m giving password of 10 characters.now when I login in as that newly created user its ask me
to change password .

I m giving my new passwd of 10 characters.

Now i m log off and again login as that user

Now when I give my password more only first 8 characters then also It allows me to login

how come this happen?

I also observed that it verify the password for first 8 characters.

can you tell me how to overcome this problem.

my /etc/pam.d/system-auth entry are given bewlo

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so

so how do I overcome this problem

Amit

amit_pansuria 10-20-2008 05:27 AM
PAM module:passwd:- how many character validate by pam library
 
Helo I m using PAM module on linux system

I have one strange problem.
I have create user and assigned group using my own function.

I m giving more than 8 character password.
Now when I enter upto 8 character then also it will accept.
In short It validate only first 8 character. can U tell me how do I change this setting.

My /etc/pam.d/passwd entry are given bewlo:

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth

/etc/pam.d/system-auth file contains following:


#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so


what to to

Amit

XavierP 10-20-2008 01:51 PM
I have merged yur threads as they are the same except for 2 characters

amit_pansuria 10-21-2008 01:19 AM
Quote:
Originally Posted by amit_pansuria (Post 3316335)
Helo I m using PAM module on linux system

I have one strange problem.
I have create user and assigned group using my own function.

I m giving more than 8 character password.
Now when I enter upto 8 character then also it will accept.
In short It validate only first 8 character. can U tell me how do I change this setting.

My /etc/pam.d/passwd entry are given bewlo:

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth

/etc/pam.d/system-auth file contains following:


#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so


what to to

Amit
My problem is that suppose create a user and give a 12 character password . It will accept this password.

But when I logg off and again login and now I give first 8 character then only It will accept password. So it menas it validates only first 8 character.

One more my /etc/pam.d/passwd file contains following

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3 minlen=12
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so


Now tell me where do i make change in passwd (/etc/pam.d/passwd)
or system-auth (/etc/pam.d/system-auth )

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth


there is no entry like cracklib

any way my /etc/pam.d/system-auth file contains following

Regards,
Amit


All times are GMT -5. The time now is 11:12 AM.