[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Why is passwd truncating passwords



On Fri, 2004-05-14 at 21:56, Jose J. Cintron wrote:
> i'm running 8.2.  try using md5 too see if it's a bug in the blowfish 
> implementation...
> 
> Arjen Runsink wrote:
> > Hi 
> > 
> > On Friday 14 May 2004 22:50, Jose J. Cintron wrote:
> > 
> >>What does your pam_unix2.conf says in the password line?  I have md5
> >>instead of blowfish on both files and they don't get truncated...
> >>Arjen Runsink wrote:
> >>
> >>>Following is in /etc/security/pam_pwcheck.conf
> >>>password:       blowfish nullok
> >>>Manual says it will truncate at 97 or so chars.
> > 
> > 72 I just reread
> > 
> >>>So why does passwd truncate at 8?????
> > 
> > 
> > And in pam_unix2.conf there is:
> > password:       blowfish nullok
> > 
> > So this could be a blowfish only thing?
> > 
> > Are you running 9.0 or 9.1????
> > 
> > BB, Arjen
> > 

Same pbm on 9.1. Password gets truncated if I use passwd from the
command line even though I chose MD5. Only way is to use the user
management tool in YAST2

wallaby:/media # cat /etc/security/pam_pwcheck.conf
password:       md5 nullok


wallaby:/media # cat /etc/security/pam_unix2.conf
auth:   nullok
account:
password:       md5 nullok
session:        none

/Fred


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here