Honeypots mailing list archives

Re: Roo 1.2 password changing

From: Lucretia <lucretias () shaw ca>
Date: Wed, 08 Aug 2007 10:45:24 -0600

On Thu, 2007-08-02 at 12:19 -0400, Earl wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The db schema that holds the walleye passwd is char/16.  We felt
that given the "mix" requirements this would usually be a
sufficient length.

I'm not sure if MySQL gives you the full 16 or if there is some
sort of "end-of-string" char that ends up yielding 15.  Will a 15
(or lower) char password work?


After discussing this off list with Scott, it was determined to be a bug
limiting to eight or nine characters.  

I have traditionally used 10 to 17 chars which simply would not work.  8
and 9 work fine.

This is new with Roo 1.2.

Thanks again to Scott for confirming this for me.


Earl


On Tue, 31 Jul 2007 10:04:27 -0400 Lucretia <lucretias () shaw ca>
wrote:

Greetings.

I have used Roo for a couple years now and like the simple
package.  I
have wiped my 1.1 box for installation of 1.2 which is going fine
except
for one problem I cannot figure out.

When I login to walleye for the first time, it takes me to the
change
password page.  I cannot get past this page.  It requests the
current
password 'honey' and then the new password and a confirm of the
new
password.  The new password is 17 chars with all the prerequisites
yet I
keep getting one of the two errors

'the password is not long enough' or 'the username or password you
entered is not valid'.

Then I'll generate 'you have exceeded the maximum number of login
attempts.

But then 'roo' and 'honey' are what get me logged back in.

Is there a bug in the walleye.pl script?  Am I too familiar and
forgetting some important step?

Can I bypass this to use the walleye interface or am I stuck with
ssh?

TIA!

L.

Current thread:

Roo 1.2 password changing Lucretia (Jul 31)
- <Possible follow-ups>
- Re: Roo 1.2 password changing Earl (Aug 03)
  - Re: Roo 1.2 password changing Lucretia (Aug 08)
- Re: Roo 1.2 password changing Earl (Aug 08)