LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-03-2008, 06:26 AM   #1
hunger
LQ Newbie
 
Registered: Jul 2008
Posts: 3

Rep: Reputation: 0
Disable complext passwords


hi,

We are migrating a *NIX app to Linux RHEL5 and need to maintain the same password policy, which allow dictionary words!

How do I disable dictionary checking on the RH box?

I've tried editing /etc/pam.d/passwd to the following:
#%PAM-1.0
auth include system-auth
account include system-auth
password required /lib/security/pam_unix.so md5 shadow nullok

But I still keep getting the following error when trying to change a user password (works find from root!):

it is based on a dictionary word

I'm completely stumped & frustrated!!!

Please help?

Thanks

H.
 
Old 07-03-2008, 06:44 AM   #2
w3bd3vil
Senior Member
 
Registered: Jun 2006
Location: Hyderabad, India
Distribution: Fedora
Posts: 1,189

Rep: Reputation: 49
Quote:
it is based on a dictionary word
is just a warning. It does actually change the password.
Just type in the password two times and it will accept it.

Anyhow, it is always advisable to keep your passwords complex. It might make you frustrated but its for the best.
 
Old 07-03-2008, 08:00 AM   #3
OlRoy
Member
 
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
If you aren't able to use complex passwords, I hope you at least have a clipping level set, as well as log and monitor its account lockouts.
 
Old 07-03-2008, 09:10 AM   #4
hunger
LQ Newbie
 
Registered: Jul 2008
Posts: 3

Original Poster
Rep: Reputation: 0
>>>W3bD3v1 : is just a warning. It does actually change the password.
Just type in the password two times and it will accept it.


I've tried it three times & eventually fails with the following

Retype new UNIX password:
it is based on a dictionary word
passwd: Authentication token manipulation error

and doesn't change the p/w...

Is there something else I need to change?

thanks again,

H.
 
Old 07-03-2008, 04:12 PM   #5
tredegar
Guru
 
Registered: May 2003
Location: London, UK
Distribution: Ubuntu 10.04, mostly
Posts: 6,007

Rep: Reputation: 366Reputation: 366Reputation: 366Reputation: 366
"Your password isn't complicated enough" annoys me big time.
My solution:
Become root
Code:
passwd username
Assign a new password.
It works (for me)
 
Old 07-04-2008, 12:54 AM   #6
w3bd3vil
Senior Member
 
Registered: Jun 2006
Location: Hyderabad, India
Distribution: Fedora
Posts: 1,189

Rep: Reputation: 49
ahh, I thought he was doing it with root privileges.
 
Old 07-18-2008, 06:01 AM   #7
hunger
LQ Newbie
 
Registered: Jul 2008
Posts: 3

Original Poster
Rep: Reputation: 0
Fixed!

It's a bug in rhel5 which doesn't allow you to disable the dictionary checking, - should be fixed in 5.3

To get around the problem simply clear out the dictionary...

# echo word | packer /usr/share/cracklib/pw_dict

You should be able to use any dictionary word!!! (except "word")

Worked for me! - Thanks to RH support for this one!
 
  


Reply

Tags
pam, passwd, security


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How do I disable cracklib and use null passwords? openSauce Linux - Security 4 01-29-2011 03:17 PM
updating samba passwords with system passwords paranoid times Linux - Software 3 10-03-2006 09:04 PM
Sync MySQL passwords with local account passwords? turbine216 Linux - Software 2 02-18-2005 03:15 AM
Completely uninstalling MySQL and its passwords passwords...how? I locked myself out! Baix Linux - Newbie 2 01-30-2005 04:10 PM
Is there a way to sync Samba passwords with linux user passwords MarleyGPN Linux - Networking 2 09-09-2003 10:59 AM


All times are GMT -5. The time now is 07:04 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration