Re: vlock with md5 password support

From: Derek D. Martin (ddm@mclinux.com)
Date: 01/08/02


Date: Tue, 8 Jan 2002 11:47:21 -0500
From: "Derek D. Martin" <ddm@mclinux.com>
To: focus-linux@securityfocus.com


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Casey Allen Shobe wrote:

> I reconfigured my linux-from-scratch system to use MD5 passwords
> rather than the standard DES some time ago because of the heightened
> security, primarily in the fact that more than the first 8
> characters of the password matter.

Be aware though that if you ever want to use NIS with this system
(and if you're concerned about security, you probably don't), while it
MOSTLY works, there are issues with using MD5 passwords with NIS on
Linux.

> However, this rendered one of my favorite tools, vlock, unusable, as
> it doesn't support MD5-encrypted passwords.

I'm betting it's because there's no mention of md5 in your
/etc/pam.d/vlock file. Not sure what distro you're using, so this may
or may not be a problem, but I'd guess you're using an older RH
distro, like RH 6.2 or something. Check that file. Can't really give
you much advice about what should be in there, cuz it can vary a lot
between distributions.

- --
Derek Martin
Senior System Administrator
Mission Critical Linux
martin@MissionCriticalLinux.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8OyKZdjdlQoHP510RAlUUAJ41xqDG6aWQZPPW3ILDIbblIBERigCfSjGx
SKf6c0jSvaP9/jbq11KQSOo=
=xYGN
-----END PGP SIGNATURE-----
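
An added example, not part of the original post and not vlock's or PAM's own code: a Python audit that lists accounts whose stored hash is still traditional DES crypt (where only the first 8 characters matter) and reports whether the pam_unix/pam_pwdb lines of a PAM service file such as /etc/pam.d/vlock carry the md5 argument. The function names are hypothetical and the shadow and PAM samples are constructed.

```python
import re

# Traditional DES crypt(3): 2 salt chars + 11 hash chars from [./0-9A-Za-z].
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")

# Constructed sample data (not real hashes, not from the original post).
SAMPLE_SHADOW = """\
root:$1$abcdefgh$0123456789abcdefghijkl:11695:0:99999:7:::
casey:ab01234567890:11600:0:99999:7:::
daemon:*:11600:0:99999:7:::
"""
SAMPLE_PAM = """\
#%PAM-1.0
auth      required  /lib/security/pam_pwdb.so shadow nullok
account   required  /lib/security/pam_pwdb.so
password  required  /lib/security/pam_pwdb.so shadow nullok use_authtok
"""

def hash_scheme(field):
    """Classify the password field of a shadow(5) entry."""
    if field == "":
        return "empty"
    if field[0] in "!*":
        return "locked"
    if field.startswith("$1$"):
        return "md5"
    if DES_RE.match(field):
        return "des"
    return "other"

def des_accounts(shadow_text):
    """Users whose stored hash is still DES, so only 8 characters count."""
    rows = (line.split(":") for line in shadow_text.splitlines())
    return [r[0] for r in rows if len(r) > 1 and hash_scheme(r[1]) == "des"]

def pam_md5_status(pam_text, modules=("pam_unix", "pam_pwdb")):
    """Return (type, module, has_md5) for each pam_unix/pam_pwdb line."""
    found = []
    for line in pam_text.splitlines():
        tokens = line.split("#", 1)[0].split()
        for i, tok in enumerate(tokens[1:], start=1):
            name = tok.rsplit("/", 1)[-1].split(".")[0]
            if name in modules:
                # "md5" is the module argument that selects MD5 hashing.
                found.append((tokens[0], name, "md5" in tokens[i + 1:]))
                break
    return found

if __name__ == "__main__":
    print("still DES:", des_accounts(SAMPLE_SHADOW))
    for entry in pam_md5_status(SAMPLE_PAM):
        print(entry)
```

Accounts reported as DES keep that hash until the password is next changed, so switching the system to MD5 does not by itself lift the 8-character limit for existing passwords.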


