Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Wed, 25 Aug 2004 22:09:27 +0100
From: Daniel Leite <dleite+popa3d@....pt>
To: popa3d-users@...ts.openwall.com
Subject: Re: popa3d problem with more than 8 character
 passwords.

Hi

On Wed, 25 Aug 2004 13:29:20 -0300
Lucas Brasilino <brasilino@...ife.pe.gov.br> wrote:
> 12345678 is authenticated.
> 12345678itsafeature? is authenticated...
> and so on.
> 
> I'm using RH7.2, PAM 0.74, GLIBC 2.2.2, OpenSSL 0.9.6g

	i think the problem is in redhat, IIRC, it defaults to normal
	crypt that only supports 8 chars, you have to switch it to
	use MD5 so it can use more than 8 chars

	check the /etc/shadow, if the passwords start with $1, its md5,
	if its a 13 chars field with letters and numbers, its using the
	old crypt... note that its even possible that you have a mix 
	mode, some with normal crypt, others with the MD5

	IIRC, you can change the password setting in /etc/login.defs

daniel

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux