Force Strong Passwords in Ubuntu

I have been working on changing things over to enforce
strong passwords.  I could not
find anything built in and ready to go (running Edubuntu
7.04).  I did see in
/etc/pam.d/common-password that there were references to
enable cracklib, but this
doesn't seem the most feature rich.  I did a lot of reading
and found passwdqc
(http://www.openwall
.com/passwdqc/) to be a very good tool for doing this. 
I have it
set up and it works great at terminal with the passwd
command.  However the "About Me"
tool for users to change their information does not
recognize the new features.  It
works as long as I choose a password that meets the
criteria, but if I don't the change
password dialog just freezes until I quit.  So I am
wondering if there are any tricks to
get this to work (the terminal will give a dialog of what
criteria needs to be met, and
if that isn't met it will give you a decent idea of why your
password didn't meet it and
let you try again).  Or maybe it is only configured to work
with cracklib, and that is
why I have trouble.  

If this isn't possible currently, it seems like this would
be a very good feature to
implement in the future, especially since Edubuntu with LTSP
is a server.  A gui method
to enable strong password support and to configure options
would be great.  But first
the ability to integrate this with the end user password
change tools would be very nice.

For UDS in Boston I suggested focusing on Edubuntu as not
only a desktop project, but as
a high end, high load server.  This is one feature that
would be along those lines as
strong passwords in a terminal server environment is a very
good idea, especially if
opened up for outside access with SCP and such.

Thanks,

Jim Kronebusch
Cotter Tech Department
453-5188


-- 
This message has been scanned for viruses and
dangerous content by the Cotter Technology 
Department, and is believed to be clean.


-- 
edubuntu-devel mailing list
edubuntu-devellists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel

---------- Forwarded Message -----------
From: "Néstor Amigo Cairo" <nestoracgmail.com>
To: "Jim Kronebusch" <jimwinonacotter.org>
Sent: Wed, 12 Dec 2007 19:05:47 +0100
Subject: Re: Force Strong Passwords in Ubuntu

Yes, it should be a great idea, I was thinking about it
yesterday, when I
was using CentOS 4 (which has it), but I don't know why it's
not included.
Maybe it should be just tested and implemented, and put as
an option, since
there should be people not interested in. But it should have
the option.
And...
Does the Server version implement it?? It definitely SHOULD.


2007/12/12, Jim Kronebusch <jimwinonacotter.org>:
>
> I have been working on changing things over to enforce
strong
> passwords.  I could not
> find anything built in and ready to go (running
Edubuntu 7.04).  I did see
> in
> /etc/pam.d/common-password that there were references
to enable cracklib,
> but this
> doesn't seem the most feature rich.  I did a lot of
reading and found
> passwdqc
> (http://www.openwall
.com/passwdqc/) to be a very good tool for doing
> this.  I have it
> set up and it works great at terminal with the passwd
command.  However
> the "About Me"
> tool for users to change their information does not
recognize the new
> features.  It
> works as long as I choose a password that meets the
criteria, but if I
> don't the change
> password dialog just freezes until I quit.  So I am
wondering if there are
> any tricks to
> get this to work (the terminal will give a dialog of
what criteria needs
> to be met, and
> if that isn't met it will give you a decent idea of why
your password
> didn't meet it and
> let you try again).  Or maybe it is only configured to
work with cracklib,
> and that is
> why I have trouble.
>
> If this isn't possible currently, it seems like this
would be a very good
> feature to
> implement in the future, especially since Edubuntu with
LTSP is a
> server.  A gui method
> to enable strong password support and to configure
options would be
> great.  But first
> the ability to integrate this with the end user
password change tools
> would be very nice.
>
> For UDS in Boston I suggested focusing on Edubuntu as
not only a desktop
> project, but as
> a high end, high load server.  This is one feature that
would be along
> those lines as
> strong passwords in a terminal server environment is a
very good idea,
> especially if
> opened up for outside access with SCP and such.
>
> Thanks,
>
> Jim Kronebusch
> Cotter Tech Department
> 453-5188
>
>
> --
> This message has been scanned for viruses and
> dangerous content by the Cotter Technology
> Department, and is believed to be clean.
>
>
> --
> edubuntu-devel mailing list
> edubuntu-devellists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel

>

-- 
Néstor Amigo Cairo
+34 687 96 74 81
nestoracgmail.com

-- 
This message has been scanned for viruses and
dangerous content by the Cotter Technology 
Department, and is believed to be clean.
------- End of Forwarded Message -------


Jim Kronebusch
Cotter Tech Department
453-5188


-- 
This message has been scanned for viruses and
dangerous content by the Cotter Technology 
Department, and is believed to be clean.


-- 
edubuntu-devel mailing list
edubuntu-devellists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel