---------- Forwarded Message -----------
From: "Néstor Amigo Cairo" <email@example.com>
To: "Jim Kronebusch" <firstname.lastname@example.org>
Sent: Wed, 12 Dec 2007 19:05:47 +0100
Subject: Re: Force Strong Passwords in Ubuntu
Yes, it should be a great idea, I was thinking about it yesterday, when I
was using CentOS 4 (which has it), but I don't know why it's not included.
Maybe it should be just tested and implemented, and put as an option, since
there should be people not interested in. But it should have the option.
Does the Server version implement it?? It definitely SHOULD. :-S
2007/12/12, Jim Kronebusch <email@example.com>:
> I have been working on changing things over to enforce strong
> passwords. I could not
> find anything built in and ready to go (running Edubuntu 7.04). I did see
> /etc/pam.d/common-password that there were references to enable cracklib,
> but this
> doesn't seem the most feature rich. I did a lot of reading and found
> (http://www.openwall.com/passwdqc/) to be a very good tool for doing
> this. I have it
> set up and it works great at terminal with the passwd command. However
> the "About Me"
> tool for users to change their information does not recognize the new
> features. It
> works as long as I choose a password that meets the criteria, but if I
> don't the change
> password dialog just freezes until I quit. So I am wondering if there are
> any tricks to
> get this to work (the terminal will give a dialog of what criteria needs
> to be met, and
> if that isn't met it will give you a decent idea of why your password
> didn't meet it and
> let you try again). Or maybe it is only configured to work with cracklib,
> and that is
> why I have trouble.
> If this isn't possible currently, it seems like this would be a very good
> feature to
> implement in the future, especially since Edubuntu with LTSP is a
> server. A gui method
> to enable strong password support and to configure options would be
> great. But first
> the ability to integrate this with the end user password change tools
> would be very nice.
> For UDS in Boston I suggested focusing on Edubuntu as not only a desktop
> project, but as
> a high end, high load server. This is one feature that would be along
> those lines as
> strong passwords in a terminal server environment is a very good idea,
> especially if
> opened up for outside access with SCP and such.
> Jim Kronebusch
> Cotter Tech Department
> This message has been scanned for viruses and
> dangerous content by the Cotter Technology
> Department, and is believed to be clean.
> edubuntu-devel mailing list
> Modify settings or unsubscribe at: