Date: Fri, 31 Aug 2007 14:25:23 -1000 From: Don Colton <don@...ton.byuh.edu> To: john-users@...ts.openwall.com Subject: dynamic password list Aloha, I administer a linux server that has 100+ student accounts. I am using john to identify weak passwords, whereupon I notify the student and eventually suspend uncorrected accounts. This helps me teach the students how to pick a good password, and helps me enforce it. My current approach is to simply run john in the background forever, manually restarting it occasionally (say once every month or two). I run -show via cron once a day and feed the results into a script. When students change their passwords, it appears that john eventually dynamically recognizes changes to /etc/shadow and includes them in its processing without requiring a restart. This does not seem to happen as frequently as I would like. What I would like to happen is this, roughly. When /etc/shadow changes, I would like john to notice within a few minutes and shift into pre-incremental mode to handle the new password(s). Then resume regular incremental mode. Does john already do this? If not, is there already a way to make this happen? Would it help if I run a second copy of john in single mode on each new password as I notice it? If I understand correctly, non-incremental mode runs to completion relatively quickly, and then incremental mode continues pretty much forever after that. Would it help if I run a second copy of john in non-incremental mode every night, and leave the first copy of john in incremental mode? Thanks! Don -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ