Re: ??? Solaris password scheme ???

From: Muhammad Faisal Rauf Danka (mfrd@attitudex.com)
Date: 10/23/02 

Date: Wed, 23 Oct 2002 10:36:30 -0700 (PDT)
From: Muhammad Faisal Rauf Danka <mfrd@attitudex.com>
To: "Ansel, Kenny L. (Sytex Contractor)" <kenny.ansel.sytex@arrtc-exch.mccoy.army.mil>

Yes, or could probably use bash and perl script for that too, which on recieving finally validated input (i.e. alphanumeric and lower&uppercase), it can pass it on to a expect script to change password of the calling user.

You'd have to set proper permissions on the expect script and as well as compile the perl code with perlcc, or whip up the shell script via system calls in C, i.e. just to hide the code from users.

Regards
--------
Muhammad Faisal Rauf Danka

Head of GemSEC / Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk
Key Id: 0x784B0202
Key Fingerprint: 6F8C EDCF 6C6E 06A5 48D7 6A20 C592 484B
784B 0202

--- Brad Arlt <arlt@cpsc.ucalgary.ca> wrote:
>On Tue, Oct 22, 2002 at 09:42:29AM -0500, Ansel, Kenny L. (Sytex Contractor) wrote:
>> Does anyone know of a NATIVE way that will force users to create a password
>> containing uppercase, lowercase, alpha, and numeric characters?
>>
>> The /etc/default/passwd does the MIN & MAX and length........
>>
>>
>> If there aren't any NATIVE ways, can you all gimme some good 3rd party
>> utilities or passwd replacements that you use to enforce a stronger passward
>> construction??
>
>In a word PAM. Password has PAM support built into it. There are a
>number of Linux PAM modules that tie into cracklib and similar
>products. Cracklib will perform the same types of checks on a
>password that Crack (or John the Ripper or L0phtCrack) does.
>
>Take a look at the linux PAM pages on kernel.org (I think thats were
>they are). If there isn't one with Solaris support, they usually
>aren't that difficult to port to Solaris (the port of pam_wheel took
>15 minutes, and about 10 lines of code).

_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------

_____________________________________________________________
Select your own custom email address for FREE! Get you@yourchoice.com w/No Ads, 6MB, POP & more! http://www.everyone.net/selectmail?campaign=tag

Relevant Pages

  • Re: A make question
    ... When I run make and it is to execute a perl script, ... Changing to sh.exe in just the makefile in the subfolder itself, ... Would your port of 5.8.2 be better than the 5.8 port that I am using? ...
    (comp.os.os2.programmer.misc)
  • [NEWS] IBM Informix Web DataBlade Local Root by Design
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... that ease development of "intelligent", interactive, Web-enabled database ... person who has access to change the Perl script. ...
    (Securiteam)
  • Re: How to Create a TCP/IP PrinterPort on a MS Cluster 2k3 via Scr
    ... XP is not in the cluster so I'm not clear on the failure question. ... the user running the script should be admin on the remote print server. ... thus the creation of the port on the node. ...
    (microsoft.public.windows.server.clustering)
  • Re: How to Create a TCP/IP PrinterPort on a MS Cluster 2k3 via Scr
    ... XP is not in the cluster so I'm not clear on the failure question. ... the user running the script should be admin on the remote print server. ... thus the creation of the port on the node. ...
    (microsoft.public.windows.server.clustering)
  • Firewall Rules Summary
    ... Subject: Firewall Rules Summary ... This script is provided "as is" with no implied warranty. ... this came from various howtos and articles on iptables that existed around ... #specific port denies>1024 tcp ...
    (Focus-Linux)
Loading