FAQ   Search   Memberlist  
Profile    Log in to check your private messages    Register    Log in
[solved] blag installer password complexity check

Post new topic   Reply to topic    BLAG Forum Index -> support
View previous topic :: View next topic  
Author Message
PostPosted: Sun Jul 27, 2008 1:25 am    Post subject: [solved] blag installer password complexity check Reply with quote


how does it do it?
i mean i understand the part about min chars, some chars and some numbers requirements as those can be put into some logic.
but matching the pass to a dictionary? - how does anaconda actually know that this is a dictionary word, it has it's own dictionary stashed somewhere in the background or what?

Last edited by gr00ve on Tue Aug 05, 2008 10:53 am; edited 1 time in total
john maclean
PostPosted: Sun Jul 27, 2008 10:57 am    Post subject: Reply with quote

where you connected to the net at the time. Maybe /*guess*/ that it connects to a server where it checks a dictionary? I think a "tiny shell" like nash or busybox could be running at the time and anaconda called a script to be run from that shell. During installations I hit <ctrl><alt><fnX> to get a vt and see what's going on.

BLAG 'em up!
PostPosted: Sun Jul 27, 2008 2:53 pm    Post subject: Reply with quote

It *definitely* doesn't connect to the net to check passwords. John's on a roll.

It uses cracklib, i assume.

Name        : cracklib                     Relocations: (not relocatable)
Version     : 2.8.12                            Vendor: Fedora Project
Release     : 2                             Build Date: Wed 20 Feb 2008 04:23:42 AM MST
Install Date: Mon 05 May 2008 10:51:47 PM MDT      Build Host: xenbuilder4.fedora.phx.redhat.com
Group       : System Environment/Libraries   Source RPM: cracklib-2.8.12-2.src.rpm
Size        : 110453                           License: GPLv2
Signature   : DSA/SHA1, Thu 10 Apr 2008 07:49:44 AM MDT, Key ID b44269d04f2a6fd2
Packager    : Fedora Project
URL         : http://sourceforge.net/projects/cracklib/
Summary     : A password-checking library
Description :
CrackLib tests passwords to determine whether they match certain
security-oriented characteristics, with the purpose of stopping users
from choosing passwords that are easy to guess. CrackLib performs
several tests on passwords: it tries to generate words from a username
and gecos entry and checks those words against the password; it checks
for simplistic patterns in passwords; and it checks for the password
in a dictionary.

CrackLib is actually a library containing a particular C function
which is used to check the password, as well as other C
functions. CrackLib is not a replacement for a passwd program; it must
be used in conjunction with an existing passwd program.

Install the cracklib package if you need a program to check users'
passwords to see if they are at least minimally secure. If you install
CrackLib, you will also want to install the cracklib-dicts package.

PostPosted: Mon Jul 28, 2008 12:02 am    Post subject: Reply with quote

thanks, i've found the dictionary in cracklib
Display posts from previous:   
Post new topic   Reply to topic    BLAG Forum Index -> support
Page 1 of 1

Protected by Anti-Spam ACP