> > On Wed, Mar 22, 2006 at 03:33:39PM -0800, [EMAIL PROTECTED] wrote: > > > > I've scoured through all Debian pam documentation, upstream PAM docs, > > and did extensive googling but cannot find the definition of "obscure" > > as it applies to common-password. Anyone have any info on this? > > > > > > I am assuming this is where the default system password policy is set: > > > > > > password required pam_unix.so nullok obscure min=4 max=8 md5 > > You can find the documentation of the pam_unix module in the libpam-doc > package (/usr/share/doc/libpam-doc/txt/pam.txt.gz): > > The obscure option enables some extra checks on the password. > These is taken after the same obscure checks enabled in the > original shadow package. This works very similar to the > pam_cracklib module and implements these checks (it does not > implement dictionary checks): > * Palindrome > * Case Change Only > * ... >
One further question: I've been making edits to /etc/pam.d/common-password to test various options and some of them don't seem to have an effect, for example i can change min= to some value and i see that the policy is effective immediately. but i've tried setting difok=3 which isn't having any effect. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
