Full Disclosure mailing list archives

Re: Password quality?

From: the1 () unixclan net
Date: Wed, 10 Dec 2003 14:49:47 -0800 (PST)

I'm not sure if any "tool" exsists for this, but you could probably hack
something together after reading:
Applied Cryptography, Bruce Schneier
RFC 2631 - Diffie-Hellman Key Agreement Method
SSH, The Secure Shell: The Definitive Guide, O.Reilly


On Wed, 10 Dec 2003, Kristian [iso-8859-1] K?hntopp wrote:


I know how to check Unix and Windows passwords for quality - John the Ripper
is quite an encompassing tool (http://www.openwall.com/john/).

I now need to check ssh2 and openssh private keys for policy compliance - do
they have a password, and is it nontrivial?

Which tool am I going to use?

Kristian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Password quality? Kristian Köhntopp (Dec 10)
- Re: Password quality? Larry W. Cashdollar (Dec 10)
  - Re: Password quality? Holger van Lengerich (Dec 10)
- Re: Password quality? petard (Dec 10)
- Re: Password quality? the1 (Dec 10)
- <Possible follow-ups>
- Re: Password quality? Larry W. Cashdollar (Dec 10)
  - Re: Password quality? Kristian Köhntopp (Dec 10)