Get APLawrence.com by RSS
This article is from a FAQ concerning SCO operating
systems. While some of the information may be applicable to any OS,
or any Unix or Linux OS, it may be specific to SCO Xenix, Open
Desktop or Openserver.
There is lots of Linux, Mac OS X and general Unix info elsewhere on
this site: Search this site is the best
way to find anything.
Unix, Xenix and ODT General FAQ
How can I increase the number of characters that are significant in passwords?
(This applies to 3.2v4.x and up)
Two factors control passwords: the maximum length that a generated password can be, and how much of a password is significant.
Both parameters are in /etc/auth/system/default.
default:\
:d_name=default:\
:u_pwd=*:\
:u_priority#0:u_cmdpriv=audittrail,su,queryspace,printqueue,mem,terminal:\
:u_syspriv=execsuid,nopromain,chmodsugid,chown:\
:u_minchg#0:u_maxlen#80:u_exp#0:u_life#0:\
:u_pickpw:u_genpwd:u_restrict@:u_nullpw:\
:u_suclog#0:u_unsuclog#0:u_maxtries#99:u_lock:\
:u_singleuserpswd:u_secclass=c2:u_integrity@:u_tcbpw@:\
:u_pwseg#2:\
:t_logdelay#1:t_maxtries#99:t_login_timeout#60:\
:chkent:
In the above example, u_maxlen#80 means that generated passwords can be up to 80 characters long. That affects the password generator program only. The u_pwseg#2 limits the significance to 2 segments or 16 bytes (2 * 8). If you wanted 24 characters to be significant, you'd change it to u_pwseg#3.
Note that the u_maxlen doesn't stop you from telling the password program that you have a longer password-you can enter whatever you like. Also, if you aren't using the generator, all you need to change is u_pwseg to have more significant characters.
Thanks to Roger Cornelius for pointing out inaccuracies in the original article. I had thought that u_maxlen had to be equal or greater than u_pwseg * 8; they are completely unrelated.
You are supposed to be able to use useradd or usermod to change the significant segments for a specific user. According to the man page for useradd, this should work:
usermod -x "{ passwdSignificantSegments 2 }" username
But I've found it just complains that there is no attribute "passwdSignificantSegments".
Recently Gerald Monds explained why I had that problem:
From the man pages... changing "passwdSignificantSegments" is a system default change and not user specific. The man pages say it cannot be used without "-D"
So the correct syntax should be
usermod -D -x "{passwdSignificantSegments 2}"
Enter your email address for automatic notification of new posts here
(be sure to whitelist 'feedburner.com' if you use spam filtering)
| Views for this page | ||||
|---|---|---|---|---|
| Today | This Week | This Month | This Year | Overall |
| 2 | 8 | 15 | 15 | 2,461 |
Have you tried Searching this site?
Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.
larryi@ccamedical.com SCO OS5, Debian Linux, RedHat Linux, MySQL, Apache, AJAX development using dXport/dL4/Unibasic, Windows Connectivity, Sharing Resouces, Automation, Shell Scripting
UBB Computer Services Support for Openserver, Unixware and Linux. Windows integration with Unix/Linux servers. Hardware, Backup and Networking issues. Located near Sacramento CA, we provide onsite support throughout Northern CA and Nationwide via remote access. We are a SCO Authorized Partner and a Microlite BackupEdge Certified Reseller.
http://www.breakthru.com.au SCO (Openserver and Unixware), Unix, Solaris and Linux Consulting services including: Secure Networking Solutions; Linux based Firewalls; Backup Solutions; Secure Home to Office Network Setup; Phone, Remote and On-Site Support available - Satisfaction Guaranteed!
Click here to add your comments