Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Passphrase Complexity
Top Forums UNIX for Advanced & Expert Users Passphrase Complexity Post 302497076 by jim mcnamara on Wednesday 16th of February 2011 09:09:05 AM
Old 02-16-2011
You cannot let users access the ssh-keygen image directly.

Put ssh-keygen in a special directory, then create a shell script with the same name in place of ssh-keygen that intercepts passpahrase changes and enforces the IT security ruleset. It then calls ssh-keygen correctly when needed.
 

3 More Discussions You Might Find Interesting

1. Solaris

password complexity check

Hi, I am looking for a simple way to : - force the user to change his password following the first connexion - check the complexity of a password (password should has a least 8 characters with 1 special char and 1 alpha...). Thinks for your help (1 Reply)
Discussion started by: dbsora
1 Replies

2. Cybersecurity

Computational complexity

This is a general question about the practical use of computational complexity in security. Wikipedia has a good article about the theoretical background of computational complexity. In the course of conversation with colleagues, a topic that is brought up occassionally is the security of any... (2 Replies)
Discussion started by: gratuitous_arp
2 Replies

3. SuSE

Setting password complexity

Hi, I am setting password complexity in SLES 11. I am able to do most of things pam-config -d --pwcheck pam-config -a --cracklib pam-config -a --cracklib-minlen=8 pam-config -a --cracklib-dcredit=-1 pam-config -a --cracklib-ocredit=-1 pam-config -a --pwhistory pam-config -a... (1 Reply)
Discussion started by: solaris_1977
1 Replies

LEARN ABOUT DEBIAN

authen::passphrase::netscapemail

Authen::Passphrase::NetscapeMail(3pm)			User Contributed Perl Documentation		     Authen::Passphrase::NetscapeMail(3pm)

NAME

       Authen::Passphrase::NetscapeMail - passphrases using Netscape Mail Server's method

SYNOPSIS

	       use Authen::Passphrase::NetscapeMail;

	       $ppr = Authen::Passphrase::NetscapeMail->new(
		       salt => "8fd9d0a03491ce8f99cfbc9ab39f0dd5",
		       hash_hex => "983757d7b519e86d9b5d472aca4eea3a");

	       $ppr = Authen::Passphrase::NetscapeMail->new(
		       salt_random => 1,
		       passphrase => "passphrase");

	       $ppr = Authen::Passphrase::NetscapeMail->from_rfc2307(
		       "{NS-MTA-MD5}8fd9d0a03491ce8f99cfbc9ab39f0dd5".
		       "983757d7b519e86d9b5d472aca4eea3a");

	       $salt = $ppr->salt;
	       $hash = $ppr->hash;
	       $hash_hex = $ppr->hash_hex;

	       if($ppr->match($passphrase)) { ...

	       $userPassword = $ppr->as_rfc2307;

DESCRIPTION

       An object of this class encapsulates a passphrase hashed using the algorithm used by Netscape Mail Server.  This is a subclass of
       Authen::Passphrase, and this document assumes that the reader is familiar with the documentation for that class.

       The Netscape Mail Server scheme is based on the MD5 digest algorithm.  The passphrase and a salt are concatenated, along with some fixed
       bytes, and this record is hashed through MD5.  The output of MD5 is the password hash.

       This algorithm is deprecated, and is supported for compatibility only.  Prefer the mechanism of Authen::Passphrase::SaltedDigest.

CONSTRUCTORS

       Authen::Passphrase::NetscapeMail->new(ATTR => VALUE, ...)
	   Generates a new passphrase recogniser object using the Netscape Mail Server algorithm.  The following attributes may be given:

	   salt
	       The salt, as a raw 32-byte string.  It may be any 32-byte string, but it is conventionally limited to lowercase hexadecimal digits.

	   salt_random
	       Causes salt to be generated randomly.  The value given for this attribute is ignored.  The salt will be a string of 32 lowercase
	       hexadecimal digits.  The source of randomness may be controlled by the facility described in Data::Entropy.

	   hash
	       The hash, as a string of 16 bytes.

	   hash_hex
	       The hash, as a string of 32 hexadecimal digits.

	   passphrase
	       A passphrase that will be accepted.

	   The salt must be given, and either the hash or the passphrase.

       Authen::Passphrase::NetscapeMail->from_rfc2307(USERPASSWORD)
	   Generates a new Netscape Mail Server passphrase recogniser object from an RFC 2307 string.  The string must consist of "{NS-MTA-MD5}"
	   (case insensitive) followed by the hash in case-insensitive hexadecimal and then the salt.  The salt must be exactly 32 characters
	   long, and cannot contain any character that cannot appear in an RFC 2307 string.

METHODS

       $ppr->salt
	   Returns the salt value, as a string of 32 bytes.

       $ppr->hash
	   Returns the hash value, as a string of 16 bytes.

       $ppr->hash_hex
	   Returns the hash value, as a string of 32 hexadecimal digits.

       $ppr->match(PASSPHRASE)
       $ppr->as_rfc2307
	   These methods are part of the standard Authen::Passphrase interface.

SEE ALSO

       Authen::Passphrase, Digest::MD5

AUTHOR

       Andrew Main (Zefram) <zefram@fysh.org>

COPYRIGHT

       Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram) <zefram@fysh.org>

LICENSE

       This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.14.2							    2012-02-07				     Authen::Passphrase::NetscapeMail(3pm)
All times are GMT -4. The time now is 10:26 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy