Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
02-04-2005, 12:50 PM
|
#1
|
|
Guru
Registered: Apr 2003
Location: nottingham england
Distribution: Gentoo
Posts: 2,672
Rep: 
|
passwd: Bad password, too simplistic ???
am using an encrypted home directory, and mounting it with pam_mount
so i decided to change my passowrd from my usual 8 character password to a more secure one.
i managed to think of a 35 character passphrase that contains upper and lowerf#case letters, numbers, and symbols, and half the words in the passphare are not real words in any language. AND... i can easily remember it.
why does passwd think that this password is too simplistic !!??
|
|
|
|
|
02-04-2005, 01:36 PM
|
#2
|
|
LQ Veteran
Registered: Sep 2003
Location: the Netherlands
Distribution: lfs, debian, rhel
Posts: 8,705
|
Hi,
Could it be that only the first 8 chars of your 35 long password are used/checked?
Take a look in your /etc/login.defs or appropriate pam config file.
Hope this helps.
|
|
|
|
|
02-05-2005, 04:58 PM
|
#3
|
|
Guru
Registered: Apr 2003
Location: nottingham england
Distribution: Gentoo
Posts: 2,672
Original Poster
Rep:
|
attempting to logon and entering the first 34 characters correctly causes an invalid password respoce, so it must be using all 35.
is this just a bug in passwd ?
surely a 35character passphrase with upper case, lower case, symbols, and only partially made up or read words (to prevent optimised dictionalry hacks) SHOULD be as good as passwords can get right ?
ive dont the maths, and the password is theoretically as secure as the resulting hash used to by the aes cipher.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 06:19 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
