Subject: Re: Password lenght
To: None <email@example.com>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Date: 03/28/2002 03:35:50
>> What makes you think long passwords aren't supported?
> This easy test makes me think so :()
> I set a password lets say qwerty123456 then i try to login
> Login: root
> Password: ( i here type qwerty12 and enter)
> VIOLA im logged in....
I looked at this in more detail. Based on my 1.4T source tree:
Longer passwords are supported, but for passwd(1) to set them you have
to build it with NEWSALT defined. Add -DNEWSALT to CPPFLAGS in
usr.bin/passwd/Makefile and rebuild and reinstall passwd.
Why NEWSALT isn't defined by default I can only guess. I would guess
it is for the sake of compatability with other OSes that still use the
antique password hashing algorithm - which really doesn't make any
sense unless YP is in use.
Alternatively, you could write a tiny program to call crypt(3) with a
suitable salt string to get a new password hash, and install that in
master.passwd by hand. Ugly, but perhaps workable if you don't need to
change your passwords that often.
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML firstname.lastname@example.org
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B