Re: vlock with md5 password support

From: Derek D. Martin (ddm@mclinux.com)
Date: 01/08/02


Date: Tue, 8 Jan 2002 11:47:21 -0500
From: "Derek D. Martin" <ddm@mclinux.com>
To: focus-linux@securityfocus.com


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Casey Allen Shobe wrote:

> I reconfigured my linux-from-scratch system to use MD5 passwords
> rather than the standard DES some time ago because of the heightened
> security, primarily in the fact that more than the first 8
> characters of the password matter.

Be aware thought that if you ever want to use NIS with this system
(and if you're concerned about security, you probably don't), while it
MOSTLY works, there are issues with using MD5 passwords with NIS on
Linux.

> However, this rendered one of my favorite tools, vlock, unusable, as
> it doesn't support MD5-encrypted passwords.

I'm betting it's because there's no mention of md5 in your
/etc/pam.d/vlock file. Not sure what distro you're using, so this may
or may not be a problem, but I'd guess you're using an older RH
distro, like RH 6.2 or something. Check that file. Can't really give
you much advice about what should be in there, cuz it can vary a lot
between distributions.

- --
Derek Martin
Senior System Administrator
Mission Critical Linux
martin@MissionCriticalLinux.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8OyKZdjdlQoHP510RAlUUAJ41xqDG6aWQZPPW3ILDIbblIBERigCfSjGx
SKf6c0jSvaP9/jbq11KQSOo=
=xYGN
-----END PGP SIGNATURE-----