[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Why is passwd truncating passwords

To: "Jose J. Cintron" <jcintron@xxxxxxxxx>
Subject: Re: [suse-security] Why is passwd truncating passwords
From: Frederic Soulier <frederic@xxxxxxxxxxxxxxxxxxx>
Date: Fri, 14 May 2004 22:04:46 +0100
Cc: Arjen Runsink <arjen@xxxxxxxxxxx>, suse-security@xxxxxxxx
Delivered-to: mailing list suse-security@xxxxxxxx
Delivery-date: Fri, 14 May 2004 23:06:26 +0200
Envelope-to: suse@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
In-reply-to: <40A53298.6080909@xxxxxxxxx>
List-help: <mailto:suse-security-help@suse.com>
List-post: <mailto:suse-security@suse.com>
List-subscribe: <mailto:suse-security-subscribe@suse.com>
List-unsubscribe: <mailto:suse-security-unsubscribe-suse=archive.cert.uni-stuttgart.de@suse.com>
Mailing-list: contact suse-security-help@xxxxxxxx; run by ezmlm
References: <200405142236.32593.arjen@xxxxxxxxxxx> <40A53103.30106@xxxxxxxxx> <200405142255.41679.arjen@xxxxxxxxxxx> <40A53298.6080909@xxxxxxxxx>

On Fri, 2004-05-14 at 21:56, Jose J. Cintron wrote:
> i'm running 8.2.  try using md5 too see if it's a bug in the blowfish 
> implementation...
> 
> Arjen Runsink wrote:
> > Hi 
> > 
> > On Friday 14 May 2004 22:50, Jose J. Cintron wrote:
> > 
> >>What does your pam_unix2.conf says in the password line?  I have md5
> >>instead of blowfish on both files and they don't get truncated...
> >>Arjen Runsink wrote:
> >>
> >>>Following is in /etc/security/pam_pwcheck.conf
> >>>password:       blowfish nullok
> >>>Manual says it will truncate at 97 or so chars.
> > 
> > 72 I just reread
> > 
> >>>So why does passwd truncate at 8?????
> > 
> > 
> > And in pam_unix2.conf there is:
> > password:       blowfish nullok
> > 
> > So this could be a blowfish only thing?
> > 
> > Are you running 9.0 or 9.1????
> > 
> > BB, Arjen
> > 

Same pbm on 9.1. Password gets truncated if I use passwd from the
command line even though I chose MD5. Only way is to use the user
management tool in YAST2

wallaby:/media # cat /etc/security/pam_pwcheck.conf
password:       md5 nullok


wallaby:/media # cat /etc/security/pam_unix2.conf
auth:   nullok
account:
password:       md5 nullok
session:        none

/Fred


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here

Follow-Ups:
- Re: [suse-security] Why is passwd truncating passwords
  - From: Jose J. Cintron

References:
- [suse-security] Why is passwd truncating passwords
  - From: Arjen Runsink
- Re: [suse-security] Why is passwd truncating passwords
  - From: Jose J. Cintron
- Re: [suse-security] Why is passwd truncating passwords
  - From: Arjen Runsink
- Re: [suse-security] Why is passwd truncating passwords
  - From: Jose J. Cintron

Prev by Date: Re: [suse-security] Why is passwd truncating passwords
Next by Date: Re: [suse-security] Why is passwd truncating passwords
Previous by thread: Re: [suse-security] Why is passwd truncating passwords
Next by thread: Re: [suse-security] Why is passwd truncating passwords
Index(es):
- Date
- Thread