LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris
Reload this Page Solaris 10 big password issue!
User Name
Password
Solaris / OpenSolaris This forum is for the discussion of Solaris, OpenSolaris, OpenIndiana, and illumos.
General Sun, SunOS and Sparc related questions also go here. Any Solaris fork or distribution is welcome.

Notices


Reply
  Search this Thread
Old 05-30-2005, 10:54 PM   #1
dsschanze
Member
 
Registered: Aug 2004
Location: Gainesville, FL
Distribution: Linux Mint 12, Win7, iOS
Posts: 208

Rep: Reputation: 33
Solaris 10 big password issue!

Hi,
I don't know if any other users of Solaris 10 have discovered this, but there seems to be an exploit when using an "_" in your password. For example, if you password is "florida_19", all you would have to type is "florida_" or any combination: "florida_*" and it will give you access to the account.

Give me a reply if you have noticed this...or if there is a fix for it.

-Derek
 
Old 05-31-2005, 12:26 AM   #2
Maidros
Member
 
Registered: Jan 2004
Location: Haifa, Israel
Distribution: Debian, FreeBSD, Solaris
Posts: 101

Rep: Reputation: 15
The default Solaris password is limited to eight alphanumeric characters.

I am not sure if there is a fix though.
 
Old 05-31-2005, 01:55 AM   #3
jlliagre
Moderator
 
Registered: Feb 2004
Location: Outside Paris
Distribution: Solaris 11.4, Oracle Linux, Mint, Debian/WSL
Posts: 9,789

Rep: Reputation: 492Reputation: 492Reputation: 492Reputation: 492Reputation: 492
There's no fix as there is no bug, Solaris password management has no built-in limitation, it's the underlying pam module configuration that set its requirements.
The default traditional unix crypt algorithm is based on a 56 bits hash, hence more than 8 characters are useless.

If you want support for longer passwords, you can change the crypt algorithm by setting CRYPT_DEFAULT=1 in /etc/security/policy.conf and uncommenting CRYPT_ALGORITHMS_DEPRECATE=__unix__ , or use a different pam module (e.g. LDAP).
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
forgot root password for solaris 9 m3kgt Solaris / OpenSolaris 11 08-26-2008 04:53 PM
Hardware clock big issue bhackerozzo Linux - Laptop and Netbook 1 06-29-2005 04:24 PM
Password Shell Script Solaris 9 cpope67 Solaris / OpenSolaris 1 12-30-2004 03:15 PM
can I set the password history in solaris ooihc Solaris / OpenSolaris 3 09-24-2004 05:25 AM
drivers seem like the big issue with linux...why??? a_m_flash Linux - Hardware 9 04-24-2003 01:18 PM

LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris

All times are GMT -5. The time now is 11:27 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration