"The Linux Gazette...making Linux just a little more fun!"


(?) The Answer Guy (!)


By James T. Dennis, answerguy@ssc.com
LinuxCare, http://www.linuxcare.com/


(!) Another "No Login" Problem: A little tip

From Jens Christian Gram on Wed, 03 Mar 1999

I have experienced the "no login" problem in both RH 5.1 and RH 5.2. The problem seems to be that the /bin/passwd command has applies some restrictions to the entered passwords (they can not be to short, to simple ...). When you use the graphic tool, no restrictions are applied, but you can not log in, if the password violates the restrictions from passwd.

I hope you understand what I mean, and that you can use my help, even though I am relatively new at linux.

Jens Christian Gram

(!) Of course! That explains it.
The normal Linux 'passwd' command does attempt to enforce a "strong passwords" policy --- to ensure that the user will pick passwords that are unlikely to be in a potential attacker's 'crack' dictionary. 'crack' is a program that hashes (encodes) a list of words (a dictionary) into every variant of the way it might appear in a given password file (/etc/passwd). This is much more efficient than a true "brute force" attack.
In any event --- the GUI tool obviously has a bug it it --- since it just calls the underlying 'passwd' command and doesn't relay the error messages back to the user. I personally consider that to be a major flaw and would suggest that sysadmins remove this program (python script?) from their systems until it's fixed.


Copyright © 1999, James T. Dennis
Published in The Linux Gazette Issue 39 April 1999


[ Answer Guy Index ] 2 3 4 5 6 7 8 9 10 11
12 13 15 16 18 19 21 22 23


[ Table Of Contents ] [ Front Page ] [ Previous Section ] [ Next Section ]