Barry Dwyer writes:
> I'm back at the beginning with this problem: checkpassword won't
> authenticate a valid user on a Caldera 2.2 (col 2.2.5) system.
>
> I compiled checkpassword from the sources and during compiliation there
> was an error about a missing 'crypt' library. Yet checkpassword appears
> to run. I've also tried using checkvpw and one other password checker,
> all compiled from the source, all reporting a missing 'crypt' library
> and all failing to authenticate valid pop users.
>
> Is there someone on the list who has qmail 1.03 pop3d working with a
> password-checking util? I need to make this work!!
There are a couple of things you can do.
First, change the Makefile to remove the reference to crypt. It is
possible that Caldera simply added the crypt functions to libc, and you
don't need to explicitly link with crypt.
Now, if you can get everything to link properly, but it still fails, check
if Caldera's Linux uses MD5 password hashes, like Red Hat, I don't know if
it does or does not. I do not believe that checkpassword supports MD5
hashing, instead of crypt. If Caldera uses MD5 hashing, which is something
that you can figure out yourself simply by looking at /etc/shadow, you have
a couple of options:
1. If Caldera uses PAM authentication, you might be able to find a version
of checkpassword somewhere out there that uses PAM, and you can go with
that. PAM does require a little bit of tweaking to get working, but after
all's said and done, you just set it, and forget it.
2. Figure out how to turn off MD5 password hashing. This may not be an
option if the reason that you don't have a crypt library is because Caldera
chosen to go with MD5 password hashing only, and left out crypt altogether,
which is very possible. But, if you do have the crypt library, just figure
out what needs to be done to fall back to crypt passwords, then just have
everyone reenter their passwords, so they can be rewritten as crypted
entries in /etc/shadow.
So, you really need to know a couple of data items before you can proceed.
You need to find out whether your default login passwords use crypt, or MD5
hashing, and if you have crypt passwords even available at all.
If you determine that Caldera uses MD5 password hashing, and if it uses the
same kind of MD5 password hashing as Red Hat, and if you feel like hacking
checkpassword yourself, I can release GPLed code that does MD5 password
hashing that appears to be compatible with Red Hat's, as far as I can tell.
--
Sam
