Displaying 2 results from an estimated 2 matches for "passwordqualitychecking".
2015 Jul 28
0
Fedora change that will probably affect RHEL
...ou get past a LAN/WAN border firewall.
A border gateway doesn?t help you with weak SSH passwords if a box on the LAN gets pwned and turned into an SSH password guesser.
The effort to get stronger password minima into Fedora goes back at least four years:
https://fedoraproject.org/wiki/Features/PasswordQualityChecking
If it?s finally time to get it into Fedora, it?s *long* past time to get it into RHEL/CentOS, since those boxes are statistically far more likely to be directly exposed to the Internet.
> When root can override a password policy after install, forcing a policy
> during install is nothing bu...
2015 Jul 28
11
Fedora change that will probably affect RHEL
Once upon a time, Warren Young <wyml at etr-usa.com> said:
> Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords.
Since most of that crap comes from Windows hosts, the security of Linux
SSH passwords seems hardly relevant.
> Your freedom to use