# Anyawy, all this is science-fiction right now as nobody cared enough
# to implement a good password quality test in user-setup.
tags 364526 +patch
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christan:
Thanks for your response.
As you've quoted my comment was aimed a Debian in general. I have also
previously commended the d-i team on its improvement of the d-i in etch.
Much easier to use. In fact its now easier to use than MS's installer.
Quoting Steven Demetrius ([EMAIL PROTECTED]):
> Many new users to Debian complain how difficult and geeky it is to use.
This is anything but a legend now. Sorry, but I (and probably many
other D-I developers) feel sick when reading this as a full default
Debian install is as painless as any other
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
All:
I do realize the importance of good/strong password and the desire of
guiding installers to used them. I also realize the need for ease of use
especially for new users.
If I'm new to Debian installer I don't care about good/strong passwords
as I
Op 19-06-2007 om 21:58 schreef Masami Ichikawa:
> +
> + # password shouldn't be a login account.
> + if test "$user" = "$passwd"; then
> + return 0
> + fi
> +
> + # password shouldn't contain login account.
> + ret=`echo $passwd | grep -ci $user`
> + if test $r
(Please send mails to -submitter so I can actually see them, I'm the
originator of this bug but I'm not subscribed to debian-boot)
Joey, the cracklib2 library, IIRC, does not check for password robustness
(i.e. size, use of characters, etc.) but, actually, tries to crack it using
its dictionary.
Hello.
on 06/18/07 03:02, Christian Perrier wrote:
>> +Template: passwd/chkpasswdstrength
>> +Type: boolean
>> +Default: true
>> +_Description: : Reject weak passwords?
>
> Should be:
>
> _Description: Reject weak passwords?
>
>
>> + Please choose whether you want the entered passwords strengt
Masami Ichikawa wrote:
> +Template: passwd/chkpasswdstrength
> +Type: boolean
> +Default: true
> +_Description: : Reject weak passwords?
> + Please choose whether you want the entered passwords strength to be
> + checked and passwords found as 'weak' to be rejected.
I'd suggest turning this aroun
on 06/18/07 03:02, Christian Perrier wrote:
>> +Template: passwd/chkpasswdstrength
>> +Type: boolean
>> +Default: true
>> +_Description: : Reject weak passwords?
>
> Should be:
>
> _Description: Reject weak passwords?
>
Yes. should be.
>
>> + Please choose whether you want the entered passwor
on 06/18/07 01:04, Geert Stappers wrote:
Op 17-06-2007 om 21:21 schreef Masami Ichikawa:
+ # password shouldn't contain login account.
+ ret=`echo $passwd | grep -ci $user`
+ if test $ret = 1; then
+ if test $passwd_len -ge $user_len; then
+ return 0
+ fi
+
> +Template: passwd/chkpasswdstrength
> +Type: boolean
> +Default: true
> +_Description: : Reject weak passwords?
Should be:
_Description: Reject weak passwords?
> + Please choose whether you want the entered passwords strength to be
> + checked and passwords found as 'weak' to be rejected.
>
Op 17-06-2007 om 21:21 schreef Masami Ichikawa:
> + # password shouldn't contain login account.
> + ret=`echo $passwd | grep -ci $user`
> + if test $ret = 1; then
> + if test $passwd_len -ge $user_len; then
> + return 0
> + fi
> + fi
I
Hello.
Thanks for people who gave me comments:-)
I wrote a new patch which changed these.
* s/chkpasswd/checkpasswdstrength/
* fix indent.
* rewrote messages in user-setup-udeb.templates.
* default answer is true.
The user has to choose a strong password now in default.
Cheers,
--
/*
* Masam
Op 16-06-2007 om 16:10 schreef Christian Perrier:
> Template: user-setup/chkpasswd-bad
> Type: error
> _Description: Weak password
> The strength of the password you have chosen is low.
> .
> Weak passwords can compromize the system's security, so please
> choose another password.
choose
On Saturday 16 June 2007 16:10, Christian Perrier wrote:
> _Description: Reject weak passwords ?
s/ ?/?/ !!!
pgpPUwMaBLocv.pgp
Description: PGP signature
Quoting Masami Ichikawa ([EMAIL PROTECTED]):
> Hello.
>
> I wrote a password checking feature implement by shell script in function.sh.
> I attached a patch which name is passwd_check.patch.
Thanks a lot for this contribution which may help starting some work
about this feature.
Some ppl may fin
Hello:-)
Thanks for Otavio Salvador and Geert Stappers to reviewing.
I'll repair the point pointed out ASAP.
Cheers,
--
/*
* Masami Ichikawa
* mailto: [EMAIL PROTECTED]
* : [EMAIL PROTECTED]
*/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Co
The programm code in the patch seems reasonable.
a Thing I like to see changed,
is "password check" into "password strength check"
Op 16-06-2007 om 21:41 schreef Masami Ichikawa:
> Hello.
>
> I wrote a password checking feature implement by shell script in function.sh.
a password strength che
Masami Ichikawa <[EMAIL PROTECTED]> writes:
> Hello.
>
> I wrote a password checking feature implement by shell script in function.sh.
> I attached a patch which name is passwd_check.patch.
I personally liked it a lot. I'd just want to ask you to check the
code indenting since it has some mistake
Hello.
I wrote a password checking feature implement by shell script in function.sh.
I attached a patch which name is passwd_check.patch.
This logic checks these.
1. The password length should be more than four.
2. The password shouldn't equal login account.
3. The password shouldn't contain logi
Processing commands for [EMAIL PROTECTED]:
> reassign 364526 user-setup 1.1
Bug#364526: debian-installer: Please implement a password-checking module
Bug reassigned from package `user-setup' to `user-setup'.
>
End of message, stopping processing here.
Please contact me if you
> There are two ways to do this:
>
> - the hard way, like Owl [1], which implements a password checking module
> (pam_passwdqc, which was written by Solar Designer) and goes even
> further by proposing random passwords if the user is unable to provide
> one.
>
> - the simple way, see attac
Package: debian-installer
Version: 20060304
Tags: wishlist
Currently, the debian-installer warns the user to use a "secure" password (6
chars long, with different case letters and punctuation characters) but does
not make an attempt to determine if the user is indeed using one.
Since there are m
23 matches
Mail list logo
