Solved

15 Character Passwords on Unix/Solaris.

Posted on 2007-03-27
10
1,489 Views
Last Modified: 2013-12-04
Is there any functionality issues with a 15 character password on UNIX/Solaris machines – or those that communicate with non UNIX/Solaris machines?
0
Comment
Question by:jbowlin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 45

Expert Comment

by:Kent Olsen
ID: 18801500
Hello jbowlin,

If you're staying within the unix realm, a 15 character password shouldn't be an issue.  (Though that sounds like overkill to me.....)

Some applications, particularly some IBM products, require shorter passwords.


Good Luck,
Kent
0
 
LVL 48

Expert Comment

by:Tintin
ID: 18804433
By default Solaris (and most other Unix flavours) will only recognise the first 8 characters of a password.

So if you set your password to

abcdefgh123

You could type in

acbdefgh38udsfkhsfksfu

or

abcdefgh

and your password would be accepted.

You can increase the maximum length of passwords on Solaris =>9 systems to 255 characters, by editing /etc/security/policy.conf and set

CRYPT_ALGORITHMS_ALLOW=1,2a,md5
CRYPT_ALGORITHMS_DEPRECATE=__unix__
CRYPT_DEFAULT=1
0
 
LVL 38

Expert Comment

by:yuzh
ID: 18805101
For Solaris you can edit /etc/default/passwd file to have longer password length
PASSLENGTH=x

But keep in mind, many application has a limit to 8 char for
password, eg the old Solstice adm suit for NIS+ etc.
0
Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

 

Author Comment

by:jbowlin
ID: 18810110
This is for Solaris 8.
It is a mandated by a Government Agency no choice in the matter.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 18812201
With Solaris 8, you are stuck with a maximum recognised password length of 8.
0
 
LVL 38

Expert Comment

by:yuzh
ID: 18813134
You can set:
PASSLENGTH=15
to require passwords to be a minimum of 15 charts (if you are using /etc/passwd /etc/shadow files) but soem other app
might not like it.  (It can become an app issure, not the OS issue).
0
 
LVL 48

Accepted Solution

by:
Tintin earned 500 total points
ID: 18813268
yuzh.

Setting PASSLENGTH to 15 is pretty pointless when the last 7 characters of the password are going to be ignored.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 19076015
BTW this was fixed in Solaris 10
0
 
LVL 48

Expert Comment

by:Tintin
ID: 19081940
Chris.

Wasn't really "fixed" in Solaris 10.  Solaris =>9 has the option to set MD5 passwords (as used on BSD/Linux) in /etc/security/policy.conf, which has a maximum password length of 255.

Setting PASSLENGTH without changing this setting, still won't make any difference.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question