Authentication failure after change to cracklib

Johnomal · 09-03-2009, 06:10 PM

Hi,

I was messing around with changing the dictionary for our PAM cracklib module and seemed to have stuffed something up.

When I attempt to log in through a telnet session with any user that has a password I get

Authentication Failure

This session is no longer connected

I am still able to log in via the Web admin using the root user/password.

I can also log in from a telnet session if the user has no password.

Any suggestions on how to fix this would be greatly appreciated.

John

kbp · 09-03-2009, 07:30 PM

Hi johnomal,

Not sure what platform you're running on but if its rpm based you could try:

Code:

rpm -Vv cracklib
rpm -Vv cracklib-dicts

Example output:

Code:

[root@xxxxx ~]# rpm -Vv cracklib-dicts
.........    /usr/lib/cracklib_dict.hwm
.........    /usr/lib/cracklib_dict.pwd
.........    /usr/lib/cracklib_dict.pwi
.........    /usr/sbin/mkdict
.........    /usr/sbin/packer
.........    /usr/share/cracklib
.........    /usr/share/cracklib/cracklib-small.hwm
.........    /usr/share/cracklib/cracklib-small.pwd
.........    /usr/share/cracklib/cracklib-small.pwi
.........    /usr/share/cracklib/pw_dict.hwm
.........    /usr/share/cracklib/pw_dict.pwd
.........    /usr/share/cracklib/pw_dict.pwi

If there is anything other than dots then you'll need to fix that particular file

You could also force reinstallation if any files are deleted

cheers,

kbp

Johnomal · 09-03-2009, 08:00 PM

Thanks for that info.

Here is the output of

rmp -Vv cracklib-dicts

..5....T /usr/lib/cracklib_dict.hwm
S.5....T /usr/lib/cracklib_dict.pwd
S.5....T /usr/lib/cracklib_dict.pwi
........ /usr/sbin/mkdict
........ /usr/sbin/packer

I guess that means I will have to fix some files.

My system is Redhat Enterprise release 4.

Can you tell me what steps I need to take to repair those files?

Thanks,
John

Quote:

Originally Posted by kbp

Hi johnomal,

Not sure what platform you're running on but if its rpm based you could try:

Code:

rpm -Vv cracklib
rpm -Vv cracklib-dicts

Example output:

Code:

[root@xxxxx ~]# rpm -Vv cracklib-dicts
.........    /usr/lib/cracklib_dict.hwm
.........    /usr/lib/cracklib_dict.pwd
.........    /usr/lib/cracklib_dict.pwi
.........    /usr/sbin/mkdict
.........    /usr/sbin/packer
.........    /usr/share/cracklib
.........    /usr/share/cracklib/cracklib-small.hwm
.........    /usr/share/cracklib/cracklib-small.pwd
.........    /usr/share/cracklib/cracklib-small.pwi
.........    /usr/share/cracklib/pw_dict.hwm
.........    /usr/share/cracklib/pw_dict.pwd
.........    /usr/share/cracklib/pw_dict.pwi

If there is anything other than dots then you'll need to fix that particular file

You could also force reinstallation if any files are deleted

cheers,

kbp

kbp · 09-03-2009, 10:46 PM

Hey John,

You can obtain the rpm from rhel4 media or channels and just reinstall it:

Code:

rpm -ivh --force cracklib-dicts-x.x.x.arch.rpm

cheers

kbp

Johnomal · 09-06-2009, 11:01 PM

Thanks again,

I reinstalled the cracklib and cracklib-dicts packages, it fixed up the entries in that file.

But I still have the original problem. Any user that requires a password to log in gets 'Authentication failure'.

My production box is still working fine.

Is there anything I can compare between the 2 boxes to work out what is different?

Is there anything else I can do to resolve the problem?

John

kbp · 09-06-2009, 11:49 PM

Did you modify /etc/pam.d/system-auth ? ... try comparing the contents of /etc/pam.d

cheers

Johnomal · 09-07-2009, 12:11 AM

Yep, tried that.

Copied the file over from the production box and still the same result.