Subject: Re: new bcrypted passwd and daily script
To: Eric Jacoboni <jaco@teaser.fr>
From: None <xs@kittenz.org>
List: current-users
Date: 06/18/2002 22:50:22
on Tue, Jun 18, 2002 at 08:52:08PM +0200, Eric Jacoboni wrote:
> I've noticed it break my daily security report. I get:
> 
> Checking the /etc/master.passwd file:
> Login jo is off but still has a valid shell (/usr/local/bin/ksh93)
> Login jack is off but still has a valid shell (/usr/local/bin/ksh93)
> 
> But jo and jack are still on... I suppose the new encrypted password
> format is the culprit. Did i miss some config point ?

Does this fix it for you?
(I think a regex would be better than testing lengths but..)

--- /etc/security.orig	Tue Jun 18 19:48:21 2002
+++ /etc/security	Tue Jun 18 19:48:38 2002
@@ -206,6 +206,7 @@
 		if (length($2) != 13 &&
 		    length($2) != 20 &&
 		    length($2) != 34 &&
+		    length($2) != 60 &&
 		    $2 != "" &&
 		    $2 !~ /^\*[A-z-]+$/ &&
 		    $1 != "toor") {