I have been working on changing things over to enforce strong passwords. I could not
find anything built in and ready to go (running Edubuntu 7.04). I did see in
/etc/pam.d/common-password that there were references to enable cracklib, but this
doesn't seem the most feature rich. I did a lot of reading and found passwdqc
(http://www.openwall.com/passwdqc/) to be a very good tool for doing this. I have it
set up and it works great at terminal with the passwd command. However the "About Me"
tool for users to change their information does not recognize the new features. It
works as long as I choose a password that meets the criteria, but if I don't the change
password dialog just freezes until I quit. So I am wondering if there are any tricks to
get this to work (the terminal will give a dialog of what criteria needs to be met, and
if that isn't met it will give you a decent idea of why your password didn't meet it and
let you try again). Or maybe it is only configured to work with cracklib, and that is
why I have trouble.
If this isn't possible currently, it seems like this would be a very good feature to
implement in the future, especially since Edubuntu with LTSP is a server. A gui method
to enable strong password support and to configure options would be great. But first
the ability to integrate this with the end user password change tools would be very nice.
For UDS in Boston I suggested focusing on Edubuntu as not only a desktop project, but as
a high end, high load server. This is one feature that would be along those lines as
strong passwords in a terminal server environment is a very good idea, especially if
opened up for outside access with SCP and such.
Cotter Tech Department
This message has been scanned for viruses and
dangerous content by the Cotter Technology
Department, and is believed to be clean.
edubuntu-devel mailing list
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel