Security Basics mailing list archives
RE: Red Hat Linux: passwd
From: "Burton M. Strauss III" <bstrauss3 () attbi com>
Date: Wed, 27 Nov 2002 07:41:53 -0600
It uses crack (that's why you have the crack and crack-dict rpm's installed).

-----Burton

$ rpm -q cracklib -i
Name        : cracklib                     Relocations: (not relocateable)
Version     : 2.7                               Vendor: Red Hat, Inc.
Release     : 18                            Build Date: Sun 23 Jun 2002 09:38:02 AM CDT
Install date: Fri 22 Nov 2002 07:07:35 PM CST   Build Host: perf90.perf.redhat.com
Group       : System Environment/Libraries  Source RPM: cracklib-2.7-18.src.rpm
Size        : 81059                            License: Artistic
Signature   : DSA/SHA1, Tue 03 Sep 2002 04:11:47 PM CDT, Key ID 219180cddb42a60e
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://www.users.dircon.co.uk/~crypto/
Summary     : A password-checking library.
Description :
CrackLib tests passwords to determine whether they match certain
security-oriented characteristics, with the purpose of stopping users
from choosing passwords that are easy to guess. CrackLib performs
several tests on passwords: it tries to generate words from a username
and gecos entry and checks those words against the password; it checks
for simplistic patterns in passwords; and it checks for the password
in a dictionary.

CrackLib is actually a library containing a particular C function
which is used to check the password, as well as other C
functions. CrackLib is not a replacement for a passwd program; it must
be used in conjunction with an existing passwd program.

Install the cracklib package if you need a program to check users'
passwords to see if they are at least minimally secure. If you install
CrackLib, you will also want to install the cracklib-dicts package.

$ rpm -q cracklib-dicts -i
Name        : cracklib-dicts               Relocations: (not relocateable)
Version     : 2.7                               Vendor: Red Hat, Inc.
Release     : 18                            Build Date: Sun 23 Jun 2002 09:38:02 AM CDT
Install date: Fri 22 Nov 2002 07:08:15 PM CST   Build Host: perf90.perf.redhat.com
Group       : System Environment/Libraries  Source RPM: cracklib-2.7-18.src.rpm
Size        : 877756                           License: Artistic
Signature   : DSA/SHA1, Tue 03 Sep 2002 04:11:47 PM CDT, Key ID 219180cddb42a60e
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://www.users.dircon.co.uk/~crypto/
Summary     : The standard CrackLib dictionaries.
Description :
The cracklib-dicts package includes the CrackLib dictionaries.
CrackLib will need to use the dictionary appropriate to your system,
which is normally put in /usr/share/dict/words. Cracklib-dicts also
contains the utilities necessary for the creation of new dictionaries.

If you are installing CrackLib, you should also install cracklib-dicts.

-----Original Message-----
From: ALBEE,RUSSELL. S FC2 (CV63 CS5) [mailto:ALBEER () kitty-hawk navy mil]
Sent: Tuesday, November 26, 2002 2:50 PM
To: security-basics () securityfocus com
Subject: Red Hat Linux: passwd

How does passwd determine if a password is based off a dictionary word or
not? Is there a file somewhere it references, a dictionary built into the
code, or an algorithm it uses to check the password?

Thanks,
Russell
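
A simplified illustration of the three kinds of test named in the package description above (words generated from the username and gecos entry, simplistic patterns, dictionary lookup). This is an added example, not part of the original post and not CrackLib's own code; the function names, thresholds, substitution table, sample account and tiny word list are all constructed for illustration.

```python
import re

# Constructed mini word list; stands in for the much larger cracklib-dicts data.
SAMPLE_DICT = {"password", "dragon", "monkey", "sunshine", "letmein"}
# Assumed substitution table for undoing common character swaps.
LEET = str.maketrans("01345@$7", "oleasast")

def candidate_words(username, gecos):
    """Words taken from the login name and GECOS field, plus their reversals."""
    words = {username.lower()}
    words.update(w.lower() for w in re.split(r"[^A-Za-z]+", gecos) if len(w) >= 3)
    return words | {w[::-1] for w in words}

def normalise(password):
    """Strip non-letters from both ends, lower-case, undo common substitutions."""
    core = re.sub(r"^[^A-Za-z]+|[^A-Za-z]+$", "", password)
    return core.lower().translate(LEET)

def is_simplistic(password):
    """Few distinct characters, or mostly adjacent characters (abcdef, 87654321)."""
    if len(set(password)) < 5:
        return True
    steps = [abs(ord(b) - ord(a)) for a, b in zip(password, password[1:])]
    return steps.count(1) >= 0.75 * len(steps)

def check_password(password, username, gecos, dictionary=SAMPLE_DICT):
    """Return a rejection reason, or None if the password passes every test."""
    if len(password) < 6:
        return "too short"
    if is_simplistic(password):
        return "too simplistic"
    base = normalise(password)
    if base in candidate_words(username, gecos):
        return "based on account information"
    if base in dictionary or base[::-1] in dictionary:
        return "based on a dictionary word"
    return None

if __name__ == "__main__":
    # Constructed account and passwords, for demonstration only.
    for pw in ("Jane2002", "P@ssw0rd!", "12345678", "nogard77", "tq9#Lv2!mX"):
        print(f"{pw!r}: {check_password(pw, 'jdoe', 'Jane Doe,Room 12') or 'accepted'}")
```
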