Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 25 Jul 2013 18:26:00 +0400
From: Solar Designer <solar@...nwall.com>
To: passwdqc-users@...ts.openwall.com
Subject: Re: failing to force random passwords with random=only

Hi,

On Thu, Jul 25, 2013 at 09:29:26AM +0000, johnfoobar wrote:
> I'd like to force random passwords on a RHEL 6.4 system with
> pam_passwdqc-1.0.5-6
> 
> The password section in system-auth-ac looks like this:
> 
> password    required	  pam_passwdqc.so random=15,only

15 bits is way too little.  For pam_passwdqc 1.0.5, the minimum was 24
(so trying to use less than that results in a deliberate failure like
what you report) and the default was 42 (and both were increased since
then).  I suggest that you try "random=42,only".  This should work.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ