Re: Unix password config

Wed, 26 Sep 2001 02:07:08 -0500 

on Tue, Sep 25, 2001 at 04:04:51PM -0700, Mike Egglestone ([EMAIL PROTECTED]) 
wrote:
> Quoting "Karsten M. Self" <kmself@ix.netcom.com>:
> 
> > on Tue, Sep 25, 2001 at 12:52:06PM -0700, Mike Egglestone
> > ([EMAIL PROTECTED]) wrote:
> > > Hi all,
> > > 
> > > Is there a way to setup "passwd" so that when a user goes to
> > > change their password, it can be as short as they want and as
> > > simple as they want?
> > 
> > Yes.  However, it's very strongly discouraged.

<...>

> > On my own systems I use pwgen to generate strings, generally 10-12
> > characters in length, e.g.:

> I probably should have explained myself a little better.  :) The
> purpose of the password changing is for a Samba lab.  I didn't realize
> at first that I had to edit the smb.conf to allow smaller smb
> passwords.  and I believe that when a user changes their smbpasswd,
> the passwd command that gets invoked from smb.conf is run as root and
> therefore their unix password can be whatever.

Ugh.  Samba....

> I agree with you in *not* having whimpy small passwords on linux.
> However, I have one lab where there are students from grade 7 and
> younger.  Some of them can't even spell their name.(The real young
> ones) So, I end up using usernames and passwords with only 3
> characters.  However, in some of the high schools, I definetly must
> use good security to maintain the labs. Some of these kids now adays
> are pretty sneaky.
> 

Hmm...that's probably acceptable.  But consider you've got the option to
get some kids off to good security practices.

I'd look at a bunch of word chosen from a dictionary.  Things like
"rabbitsilly" or "carrothouse".  Not strictly searchable in a dictionary
attack.  Fairly memorable, in their own strange way, likely more so than
an arbitrary four-character string.  I don't know of a tool to generate
same, but suspect they're out there or could be ginned up easily.

> I like the idea of your pwgen. I shall look into this more.

    $ apt-cache show pwgen
    $ apt-get install pwgen

Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What part of "Gestalt" don't you understand?              Home of the brave
  http://gestalt-system.sourceforge.net/                    Land of the free
   Free Dmitry! Boycott Adobe! Repeal the DMCA!  http://www.freesklyarov.org
Geek for Hire                      http://kmself.home.netcom.com/resume.html

Attachment: pgpM90djfhaHE.pgp
Description: PGP signature

Reply via email to