Re: password length
Ethan,
MD5 as an algorithm supports a theoretically infinitely sized password (or
other string), though of course it becomes less secure as the string's
size increases. That said, I think the maximum password length supported
by glibc (and, thus, PAM) is 128 bytes long.
Indeed, PAM is a potato thing, and as far as I know, everything in
/etc/login.defs is rendered obsolete by PAM.
Regards,
Alex.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w
O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+
G e-- h++ r--- y
------END GEEK CODE BLOCK------
On Wed, 15 Mar 2000, Ethan Benson wrote:
> On Wed, Mar 15, 2000 at 07:18:21PM -0600, Kama Lar wrote:
> > On Wed, Mar 15, 2000 at 04:18:43PM -0700, Kevin wrote:
> > > I find my rather upset that by default slink only allows a password length
> > > of 7 characters max. Unfortunately I am not sure how to change it, and
> >
> > [clipped for sake of brevity]
> >
> > Enable md5 in /etc/pam/passwd, and in /etc/login.defs
>
> (actaully its /etc/pam.d/passwd but pam is a potato thing)
>
> there is also a PASS_MAX_LEN which is set to 8 by default, I presume
> this has to be increased, (or is it obsolete with PAM??) what is the
> maximum password length that MD5 supports?
>
> --
> Ethan Benson
> http://www.alaska.net/~erbenson/
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: