password verification verify password of a user for only first 8 characters


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users password verification verify password of a user for only first 8 characters
# 1  
Old 10-17-2008
password verification verify password of a user for only first 8 characters

Helo ,
I m using linux pam library for user and its password authentication.
I m creating new user and giving its password.I m giving password of 10 characters.now when I login in as that newly created user its ask me

$ su - ram
Password:
You are required to change your password immediately (root enforced)
Changing password for ram
(current) UNIX password:
I m giving my current passwd

(new) Password :

I m giving my new passwd of 10 characters.

Now i m log off and again login as that user

Now when I give my password more only first 8 characters then also It allows me to login

how come this happen?

I also observed that it verify the password for first 8 characters.

can you tell me how to overcome this problem.

Regards,
Amit
# 2  
Old 10-17-2008
Check this file:
/etc/pam.d/common-password

Look for:
password required pam_unix.so nullok obscure min=4 max=8 md5

Linux systems have 256 character limit. Also, you can change and/or extend the limit to 10 characters in Unices (I think!).

HTH,


Sorry for all these edits....
Nitin Smilie

Last edited by nitin; 10-17-2008 at 01:45 PM..
# 3  
Old 10-20-2008
Quote:
Originally Posted by nitin
Check this file:
/etc/pam.d/common-password

Look for:
password required pam_unix.so nullok obscure min=4 max=8 md5

Linux systems have 256 character limit. Also, you can change and/or extend the limit to 10 characters in Unices (I think!).

HTH,


Sorry for all these edits....
Nitin Smilie
Hi nitin thx for reply.

I have check thhe entry of file passwd in /etc/pam.d . the entrty for this is:

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth


so how do I change passwd limit
# 4  
Old 10-20-2008
Quote:
Originally Posted by amitpansuria
Hi nitin thx for reply.

I have check thhe entry of file passwd in /etc/pam.d . the entrty for this is:

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth


so how do I change passwd limit
also see my /etc/pam.d/system-auth entry are given bewlo

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
# 5  
Old 10-21-2008
Sorry buddy for the delayed response. Can you do an ls -l on this dir:
/etc/pam.d
I'm looking for /etc/pam.d/common-password file. Anyhow, I'm guessing that this line in /etc/pam.d/system-auth may be the key:
Code:
 password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow

I'll try to find out more on it.

-Nitin
# 6  
Old 10-21-2008
I think I'm pretty sure that you can set the password limit here, in your /etc/pam.d/login file (you will have to add this line below):

Code:
 password   required   pam_unix.so nullok obscure min=4 max=8

You can change max value to whatever you want. Going through man pages, max is not documented, but the functionality is there. Also, before any changes make sure you backup your files.

-Nitin Smilie
# 7  
Old 10-22-2008
Quote:
Originally Posted by nitin
I think I'm pretty sure that you can set the password limit here, in your /etc/pam.d/login file (you will have to add this line below):

Code:
 password   required   pam_unix.so nullok obscure min=4 max=8

You can change max value to whatever you want. Going through man pages, max is not documented, but the functionality is there. Also, before any changes make sure you backup your files.

-Nitin Smilie
Hi Nitin thx for your reply.

/etc/pam.d/passwd file contains following(its passwd file not common-passwd)

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth


#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so




My problem is that suppose create a user and give a 12 character password . It will accept this password.

But when I logg off and again login and now I give first 8 character then only It will accept password. So it menas it validates only first 8 character.

yr help will be highly appreciated.
Regards,
Amit
A
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

2. Shell Programming and Scripting

Random Password generator with 2 digits and 6 characters

I am using the below to random generate a password but I need to have 2 numeric characters and 6 alphabetic chars head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 ; echo '' 6USUvqRB ------ Post updated at 04:43 PM ------ Any Help folks - Can the output be passed onto a sed command to... (9 Replies)
Discussion started by: infernalhell
9 Replies

3. OS X (Apple)

OSX verify username and password in one line

I'm writing a script that has the need to verify the current user's username and password. I'm not entirely sure how to do this. I've read some things on "dscl" but am not sure that's the correct route for me to go. The one condition i have is that i really need to have the verification happen... (4 Replies)
Discussion started by: TheDrizzle
4 Replies

4. Shell Programming and Scripting

how to remove the non : characters after the password in shadow file?

On SPARC Solaris 10. I set the app account so it's expired. I also want it so not required to change password at first login, I can do this by removing the numbers after the password in /etc/shadow. example using user1 The /etc/shadow file looks like this: user1:kOmcVXAImRTAY:0::::90:: ... (8 Replies)
Discussion started by: TKD
8 Replies

5. UNIX for Dummies Questions & Answers

printing password having special characters

Hi I have a password stored in a file (which is a user input) The password is having the special character $ say the password is pw$ord and is stored in the file pw_note I am using the following statement to store the passowrd in a variable $schema_pwd = `cat $dir/pwd_note` ; Now if i print... (4 Replies)
Discussion started by: ssuresh1999
4 Replies

6. Shell Programming and Scripting

Terminal-specific characters in password

Good morning! I am using a shell script to back up user email files to a remote location. The problem is, one (and apparently more than one) users have the symbol "@" in their password. As you can see from the line: /sbin/mount_smbfs... (5 Replies)
Discussion started by: PittWolfBW
5 Replies

7. Solaris

Password without numeric characters

G'day guys, Just a simple question: Is it possible to set user's passwords without numeric characters? I prefer to have passwords as simple words, but when going through SMC, i get an error that the first six characters must contain at least 2 alphabetic and 1 numeric. Server is a Sun... (3 Replies)
Discussion started by: drchris
3 Replies

8. Shell Programming and Scripting

verify sudo password

edited and removed (0 Replies)
Discussion started by: mdpalow
0 Replies

9. UNIX for Dummies Questions & Answers

How to echo password characters

Hi All, I was wondering, how can I echo password using a character such as '*' in unix? In my machine, password is not echoed, so it is only blank space when I enter any password. So, when I enter a command such as "lock", how can I set the echo character to "*" or something else for... (4 Replies)
Discussion started by: mukluk
4 Replies
Login or Register to Ask a Question