Re: Redhat 6.0 Password Issues

From: Erik Parker (eparkerat_private)
Date: Sat Sep 11 1999 - 17:18:18 PDT

Next message: Alan Brown: "Re: Redhat 6.0 Password Issues"

Previous message: Dr. Joel M. Hoffman: "fixing all buffer overflows --- random magin numbers"
Maybe in reply to: root3d: "Redhat 6.0 Password Issues"
Next in thread: Alan Brown: "Re: Redhat 6.0 Password Issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Yes, it is part of the UNIX crypt.. It can also
be changed very easy, however the problem with that is..
many daemons (lots of ftpd's) do not support more than 8 character
passwords. Or, they didn't a couple of years ago, I have just accepted it,
and gone on with life.

This is also all covered on redhat.com in deatil in the documentation.
You will also note in your login.defs

#
# Number of significant characters in the password for crypt().
# Default is 8, don't change unless your crypt() is better.
# Ignored if MD5_CRYPT_ENAB set to "yes".
#
#PASS_MAX_LEN           8



On Fri, 10 Sep 1999, Josh Higham wrote:

> >Gentleman;
> >
> >I submitted what I thought was a minor issue on Redhat's handling
> >of passwords. Is it me? Is it something I missed? Any password you
> >assign over 8 characters gets cut...
>
>
> This is a result of UNIX crypt (I believe).  Standard unix passwords only
> handle the first 8 characters of a password; RH6.0 allows you to install MD5
> passwords, which can give you additional length, if desired.
>
> >
> >At first I thought it was my system but its not since I tested it at
> >home,
> >but then at work its the same thing:
> >
> >------snip------
> >passwd
> >
> >I typed it p4$sW3rd$ as my password
> >but I was able to log in using p4$sW3rD
> >
> >ctrl-alt-del
> >bash
> >$
> >passwd
> >changed it to 1234567899999
> >and I was able to log in using:
> >12345678
> >-----endsnip-----
> >
> >Does anyone else know of this?
> >Has anyone heard of this?
> >
> >by the way I bcc'd this to Redhat as well. ;)
> >
> >-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> >Yours Truly
> >J. Oquendo
> >silat_private
> >silat_private
> >
> >
> >"Linux -- Where you really can go tommorow"
> >
> >ID 0x1281EC4F
> >DH/DSS
> >4096/1024
> >CIPHER: CAST
> >PGP Fingerprint
> >46C0 6A83 E6D2 FEA6 383A  B9A6 44D3 4E77 1281 EC4F
> >
> >-----BEGIN PGP SIGNATURE-----
> >Version: PGP Personal Privacy 6.0.2
> >
> >iQA/AwUBN6d/aETTTncSgexPEQLuAgCfRF5dpZii9yEPnqZ+F+
> >AEbzB+KL0An3mXPk+Y8lZxkr0crgw72zPX5w71=tCpK
> >-----END PGP SIGNATURE-----
>


Erik Parker
eparkerat_private

Next message: Alan Brown: "Re: Redhat 6.0 Password Issues"
Previous message: Dr. Joel M. Hoffman: "fixing all buffer overflows --- random magin numbers"
Maybe in reply to: root3d: "Redhat 6.0 Password Issues"
Next in thread: Alan Brown: "Re: Redhat 6.0 Password Issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:03:01 PDT