Security Basics mailing list archives

Re: ??? Solaris password scheme ???

From: Brad Arlt <arlt () cpsc ucalgary ca>
Date: Tue, 22 Oct 2002 13:39:23 -0600

On Tue, Oct 22, 2002 at 09:42:29AM -0500, Ansel, Kenny L. (Sytex Contractor) wrote:

Does anyone know of a NATIVE way that will force users to create a password
containing uppercase, lowercase, alpha, and numeric characters?

The /etc/default/passwd does the MIN & MAX and length........


If there aren't any NATIVE ways, can you all gimme some good 3rd party
utilities or passwd replacements that you use to enforce a stronger passward
construction??


In a word PAM.  Password has PAM support built into it.  There are a
number of Linux PAM modules that tie into cracklib and similar
products.  Cracklib will perform the same types of checks on a
password that Crack (or John the Ripper or L0phtCrack) does.

Take a look at the linux PAM pages on kernel.org (I think thats were
they are).  If there isn't one with Solaris support, they usually
aren't that difficult to port to Solaris (the port of pam_wheel took
15 minutes, and about 10 lines of code).

-----------------------------------------------------------------------
   __o          Bradley Arlt                    Security Team Lead
 _ \<_          arlt () cpsc ucalgary ca                University Of Calgary
(_)/(_)         I should be biking right now.   Computer Science

Current thread:

??? Solaris password scheme ??? Ansel, Kenny L. (Sytex Contractor) (Oct 22)
- Re: ??? Solaris password scheme ??? Brad Arlt (Oct 23)
- RE: ??? Solaris password scheme ??? andres (Oct 24)
- <Possible follow-ups>
- Re: ??? Solaris password scheme ??? Chris Berry (Oct 23)
- FW: ??? Solaris password scheme ??? Alain Verdonck (Oct 24)
- Re: ??? Solaris password scheme ??? Muhammad Faisal Rauf Danka (Oct 24)