search for: pwquality

...nfo can be found at https://wiki.debian.org/SimpleBackportCreation # ------------------- # Install general build dependencies apt-get install devscripts build-essential debian-keyring # If you haven't done this before, you will have to initialize gpg gpg -k # First we need to backport the libpwquality package: # Download source package for libpwquality. You can get the link from https://packages.debian.org/jessie/libpam-pwquality (or the sid equivalent) dget -x http://ftp.de.debian.org/debian/pool/main/libp/libpwquality/libpwquality_1.2.3-1.dsc # Install build dependencies for libpwquality apt...

Jun  9 15:51:55 rorecovery1 sshd[6325]: fatal: Access denied for user ahk at partners.org by PAM account configuration [preauth] on the ssh server system run pam-auth-update select kerberos auth if its not there install pam-krb5  and try again. gr Louis Op 9 jun. 2016 om 21:56 heeft Kaplan, Andrew H. <AHKAPLAN at PARTNERS.ORG> het volgende geschreven: Jun  9 15:51:55

On Mon, Feb 2, 2015 at 4:17 PM, Warren Young <wyml at etr-usa.com> wrote: >> > Let?s flip it around: what?s your justification *for* weak passwords? > You don't need to write them down. Or trust some 3rd party password keeper to keep them. Whereas when 'not weak' is determined by someone else in the middle of trying to complete something, you are very likely to

...on, Feb 2, 2015 at 4:17 PM, Warren Young <wyml at etr-usa.com> wrote: >>> >> Let?s flip it around: what?s your justification *for* weak passwords? >> > You don't need to write them down. The new rules are: 1. At least 8 characters. 2. Nothing that violates the pwquality rules: http://linux.die.net/man/8/pam_pwquality Are you telling me you cannot memorize a series of 8 characters that do not violate those rules? I?m the first to fight boneheaded ?password security? schemes like a required change every N weeks, but this is not that. Spend a bit of time, co...

Hello -- When I ran the pam-auth-update command, the PAM configuration window did list Winbind NT/Active Directory authentication as being enabled. This was in addition to the following also being active: Pwquality password strength checking Unix authentication SSS authentication LDAP Authentication Register user sessions in the systemd control group hierarchy Inheritable Capabilites Management I ran the apt-get install pam-krb5 command syntax, but there is no listing of the package for the 14.04 release of...

...computers, it's testing Fedora. Many testers do dozens of installs per week, some do dozens per day. The password requirement is pretty annoying, I for one haven't tested it since I worked with the first build that includes the change. Why? While ostensibly it's an 8 character minimum, pwquality is sufficiently capricious that 8 characters is frequently insufficient. I tried about a dozen times and failed, gave up, and went with an ill advised 10 character password that I forgot within 30 minutes after the installation was complete. The problem is the decision to stop innovating ways to i...

Warren Young wrote: > The new rules are: > > 1. At least 8 characters. > > 2. Nothing that violates the pwquality rules: > > http://linux.die.net/man/8/pam_pwquality The 7 rules listed in this URL seem utterly bizarre to me. The first is "Don't use a palindrome" which makes me wonder if the author knows the meaning of this word. I suspect he/she thinks it means "a known word bac...

On Mon, 17 Aug 2020 16:37:20 -0500 Gregory P. Ennis wrote: > "This system is not registered to Red Hat Subscription Management. You can use > subscription-manager to register." It sounds like you have something installed that doesn't need to be or shouldn't be installed. Under what circumstances does that message appear? I haven't seen it on any of my C8 systems,

...*not* "security theatre?. > I'm guessing you're not a tester I write software for a living. Testing is not my primary job, but I do a fair bit of it. > or much of a home user. I use computers at home far more than is good for me. :) My home passwords have passed the new libpwquality rules for *years*. My iOS ones do, too, by the way, despite the increased difficulty of typing them. I put too much of my life on them to use 4-digit PINs. > There are > many such people using OS X, Windows, and yes Fedora and likely > CentOS, where environments and use case preclude co...

...rch 0.3.3-10.el8 @AppStream 28 k python3-ordered-set noarch 2.0.2-4.el8 @AppStream 15 k python3-pid noarch 2.1.1-7.el8 @AppStream 33 k python3-productmd noarch 1.11-3.el8 @AppStream 241 k python3-pwquality x86_64 1.4.0-9.el8 @BaseOS 21 k python3-pyparted x86_64 1:3.11.0-13.el8 @AppStream 368 k python3-requests-file noarch 1.4.3-5.el8 @AppStream 9.4 k python3-requests-ftp noarch 0.3.1-11.el8...

...No space left on device tar: ./etc/ssh/moduli: Cannot write: No space left on device tar: ./etc/openldap/ldap.conf: Cannot write: No space left on device tar: ./etc/mtools.conf: Cannot write: No space left on device tar: ./etc/libuser.conf: Cannot write: No space left on device tar: ./etc/security/pwquality.conf: Cannot write: No space left on device tar: ./etc/krb5.conf: Cannot write: No space left on device tar: ./etc/sysconfig/ip6tables-config: Cannot write: No space left on device tar: ./etc/sysconfig/iptables-config: Cannot write: No space left on device tar: ./etc/xtables/connlabel.conf: Cannot...

...No space left on device tar: ./etc/ssh/moduli: Cannot write: No space left on device tar: ./etc/openldap/ldap.conf: Cannot write: No space left on device tar: ./etc/mtools.conf: Cannot write: No space left on device tar: ./etc/libuser.conf: Cannot write: No space left on device tar: ./etc/security/pwquality.conf: Cannot write: No space left on device tar: ./etc/krb5.conf: Cannot write: No space left on device tar: ./etc/sysconfig/ip6tables-config: Cannot write: No space left on device tar: ./etc/sysconfig/iptables-config: Cannot write: No space left on device tar: ./etc/xtables/connlabel.conf: Cannot...

...s for a while. Google and Facebook too. No one likes them. And our trust in them is diminishing. They are not long term tenable. Making longer ones compulsory already causes companies who do so grief as people complain vociferously about such policies. > I have no strong feelings on the new libpwquality rules, exactly. What I do feel strongly about is that there should be *some* reasonable minima that can?t easily be bypassed. This idea that opt in is not sufficient demonstrates how archaic and busted computer security is when you have to become coercive to everyone regardless of use case to mak...

On Tue, February 3, 2015 14:01, Valeri Galtsev wrote: > > On Tue, February 3, 2015 12:39 pm, Les Mikesell wrote: >> On Tue, Feb 3, 2015 at 12:24 PM, Valeri Galtsev >> <galtsev at kicp.uchicago.edu> wrote: >>> >>> Sounds so I almost have to feel shame for securing my boxes no >>> matter what job vendor did ;-) >> >> Yes, computers and