search for: libpwquality

...g info can be found at https://wiki.debian.org/SimpleBackportCreation # ------------------- # Install general build dependencies apt-get install devscripts build-essential debian-keyring # If you haven't done this before, you will have to initialize gpg gpg -k # First we need to backport the libpwquality package: # Download source package for libpwquality. You can get the link from https://packages.debian.org/jessie/libpam-pwquality (or the sid equivalent) dget -x http://ftp.de.debian.org/debian/pool/main/libp/libpwquality/libpwquality_1.2.3-1.dsc # Install build dependencies for libpwquality apt...

...default. You have to dig into the pref panes and tick an obscurely-named checkbox to enable it. > Their online services are another > matter, those I've made very clear they will be strong or they don't > get to play. The Apple ID password rules are a fair bit stronger than the libpwquality rules we?ve been discussing here, and have been so for some time: https://support.apple.com/en-us/HT201303 Given that recent OS X releases want to use your Apple ID as the OS login credentials, that effectively makes these the OS password quality rules, too. Fedora is late to the party, and Ce...

...are *not* "security theatre?. > I'm guessing you're not a tester I write software for a living. Testing is not my primary job, but I do a fair bit of it. > or much of a home user. I use computers at home far more than is good for me. :) My home passwords have passed the new libpwquality rules for *years*. My iOS ones do, too, by the way, despite the increased difficulty of typing them. I put too much of my life on them to use 4-digit PINs. > There are > many such people using OS X, Windows, and yes Fedora and likely > CentOS, where environments and use case preclude co...

> On Jul 28, 2015, at 5:46 PM, Warren Young <wyml at etr-usa.com> wrote: > > The Apple ID password rules are a fair bit stronger than the libpwquality rules we?ve been discussing here, and have been so for some time: > > https://support.apple.com/en-us/HT201303 > > Given that recent OS X releases want to use your Apple ID as the OS login credentials, that effectively makes these the OS password quality rules, too. Disingenuous. It...

On Wed, Jul 29, 2015 at 2:15 PM, Warren Young <wyml at etr-usa.com> wrote: > Just because one particular method of prophylaxis fails to protect against all threats doesn?t mean we should stop using it, or increase its strength. Actually it does.There is no more obvious head butting than with strong passwords vs usability. Strong login passwords and usability are diametrically opposed.

...ords for a while. Google and Facebook too. No one likes them. And our trust in them is diminishing. They are not long term tenable. Making longer ones compulsory already causes companies who do so grief as people complain vociferously about such policies. > I have no strong feelings on the new libpwquality rules, exactly. What I do feel strongly about is that there should be *some* reasonable minima that can?t easily be bypassed. This idea that opt in is not sufficient demonstrates how archaic and busted computer security is when you have to become coercive to everyone regardless of use case to mak...

...could get behind that. Six random characters pulled only from the unambiguous subset of the alphanumeric set, no uppercase, and one symbol gets you a password that should withstand constant pounding for the life of the machine. I could live with that minimum. I have no strong feelings on the new libpwquality rules, exactly. What I do feel strongly about is that there should be *some* reasonable minima that can?t easily be bypassed. Where that level is set is not only a sensible subject for debate, it is one that?s easy to separate from emotion; it?s basically a question of arithmetic. > Making po...

...e perl-Carp perl-Exporter \ perl-Socket perl-File-Temp perl-PathTools perl-Pod-Simple perl apr-util libcroco \ cyrus-sasl-lib libgomp kmod-libs libedit hostname js newt ca-certificates less \ dbus-glib acl libdb-utils findutils xz sysvinit-tools ustr nss-tools \ openssl-libs gzip cracklib-dicts nss libpwquality coreutils shadow-utils \ libutempter nss-sysinit python libssh2 python-pycurl curl rpm python-decorator \ python-slip dbus-python python-kitchen python-backports python-setuptools \ pyliblzma centos-logos kmod openssl nss_compat_ossl bind-libs-lite fipscheck \ httpd-tools libnetfilter_conntrack ipr...

On Tue, Jul 28, 2015 at 5:29 PM, Warren Young <wyml at etr-usa.com> wrote: > On Jul 28, 2015, at 2:27 PM, Chris Murphy <lists at colorremedies.com> wrote: >> >> On Tue, Jul 28, 2015 at 11:27 AM, Warren Young <wyml at etr-usa.com> wrote: >> >>> Your freedom to use any password you like stops at the point where exercising that freedom creates a risk to

Once upon a time, Warren Young <wyml at etr-usa.com> said: > Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. Since most of that crap comes from Windows hosts, the security of Linux SSH passwords seems hardly relevant. > Your freedom to use

See this bug for background information: https://bugzilla.redhat.com/show_bug.cgi?id=1350465 Thanks: Tomáš Golembiovský --- v2v/virt-v2v.pod | 38 ++++++++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod index e68d75cf8..0943bf305 100644 --- a/v2v/virt-v2v.pod +++ b/v2v/virt-v2v.pod @@ -1909,18 +1909,32 @@ that

See this bug for background information: https://bugzilla.redhat.com/show_bug.cgi?id=1350465 --- v2v/virt-v2v.pod | 39 +++++++++++++++++++++++++++------------ 1 file changed, 27 insertions(+), 12 deletions(-) diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod index e68d75cf8..93d1a9ecd 100644 --- a/v2v/virt-v2v.pod +++ b/v2v/virt-v2v.pod @@ -1909,18 +1909,33 @@ that guest through the RHV-M UI,

If the connection is not local, paths of disks will refer to the remote host, which were mistakenly handled as local paths (in the best case failing to open a non-existing disk, and in the worst case opening a different disk!). In case the disks are remote resources like ssh or ceph, nothing guarantees that the hostname can be reached from the local machine, or even that it is actually the same on

Hopefully this time ...