SPUG:help with good passwords
Adam Monsen
adamm at wazamatta.com
Wed May 14 00:07:05 CDT 2003
Brian Hatch wrote:
>
>>My challenge is that passwd keep strict rules about
>>what kind of passwords are good (not based on a
>>dictionary word, at least n characters), and will
>>error if the password is bad.
>
>
> It's probably using cracklib.
>
>
> Here's what I wrote years ago (still works)
compile-time errors:
- bail is not a function name
- looks like you included the last half of a heredoc (ending in 'EOM')
but forgot the operator to start the heredoc
potential runtime errors:
- /usr/sbin/crack_testlib doesn't exist on my system (is it supposed to?)
The following works for me... strange lookin' Perl, though. :)
#!/usr/bin/perl -w
use strict;
use Inline C => Config => LIBS => '-lcrack';
use Inline C => <<'END_C';
#include <crack.h>
void test_pw(const char *pw, const char *dict_path)
{
char *msg;
msg = FascistCheck(pw, dict_path);
if (msg)
printf("MSG: %s\n", msg);
else
printf("Password accepted.\n");
return 0;
}
END_C
# intentionally designed to work only on my box.
# don't really use this.
test_pw("foo", "/usr/lib/cracklib_dict");
> # try cracklib
> use FileHandle;
> use IPC::Open2;
> open2(*RD, *WR, "/usr/sbin/crack_testlib") or bail "crack_testlib
> failed";
> print WR "$NEWPW\n" or bail "Couldn't write";
>
> close WR;
> my($pw,$reason);
> while (<RD>) {
> ($pw,$reason) = split /: /;
>
> # Strip trailing space
> $reason =~ s/\s*$//g;
>
> if ($pw eq $NEWPW) {
> last if ($reason eq 'ok')
> }
> }
> close RD;
>
> if ( $reason ne "ok" ) {
> <h2>Password Strength Error</h2>
> Sorry, the password you supplied is not strong enough.
> The automated password checking routine said the following:
> <p>
> <b>"$reason"</b>
> <p>
> Please go back and try again with a stronger password.
> EOM
> }
More information about the spug-list
mailing list