| Server IP : 85.214.239.14 / Your IP : 3.133.129.64 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /proc/3/cwd/usr/share/doc/libcrack2/ |
Upload File : |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>cracklib2 - a pro-active password library</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="article"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="ARTICLE"
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="title"
><A
NAME="AEN1"
>cracklib2 - a pro-active password library</A
></H1
><H3
CLASS="author"
><A
NAME="AEN51"
>Jean Pierre LeJacq</A
></H3
><H3
CLASS="author"
><A
NAME="AEN56"
>Martin Pitt</A
></H3
><H3
CLASS="author"
><A
NAME="AEN61"
>Jan Dittberner</A
></H3
><P
CLASS="copyright"
>Copyright © 1998, 1999 Jean Pierre LeJacq</P
><P
CLASS="copyright"
>Copyright © 2003 Martin Pitt</P
><P
CLASS="copyright"
>Copyright © 2008 Jan Dittberner</P
><P
CLASS="pubdate"
>$Date$<BR></P
><DIV
><DIV
CLASS="abstract"
><P
></P
><A
NAME="AEN4"
></A
><P
><SPAN
CLASS="application"
>cracklib2</SPAN
> is a library
containing a C function which may be used in a <A
HREF="/cgi-bin/man/man2html/passwd+1"
TARGET="_top"
>passwd
(1)</A
> like program. The idea is simple: try to prevent
users from choosing passwords that could be guessed by <A
HREF="http://www.crypticide.com/alecm/security/c50-faq.html"
TARGET="_top"
><SPAN
CLASS="application"
><TT
CLASS="filename"
>crack</TT
></SPAN
></A
>
by filtering them out, at
source. <SPAN
CLASS="application"
>cracklib2</SPAN
> is
<SPAN
CLASS="emphasis"
><I
CLASS="emphasis"
>not</I
></SPAN
> a replacement <A
HREF="/cgi-bin/man/man2html/passwd+1"
TARGET="_top"
>passwd
(1)</A
> program. <SPAN
CLASS="application"
>cracklib2</SPAN
> is a
<SPAN
CLASS="emphasis"
><I
CLASS="emphasis"
>library</I
></SPAN
>.</P
><P
><SPAN
CLASS="application"
>cracklib2</SPAN
> is an offshoot of
version 5 of the <A
HREF="http://www.crypticide.org/users/alecm/security/c50-faq.html"
TARGET="_top"
><SPAN
CLASS="application"
><TT
CLASS="filename"
>crack</TT
></SPAN
></A
>
software and contains a considerable number of ideas nicked from
the new software.</P
><P
><SPAN
CLASS="application"
>cracklib2</SPAN
>'s <A
HREF="http://www.crypticide.org/dropsafe/about"
TARGET="_top"
>original home
page</A
> provides some links on security publications and
access to source code written by the author of
<SPAN
CLASS="application"
>cracklib2</SPAN
>. While there is a <A
HREF="README"
TARGET="_top"
>README</A
> there is not much documentation
available on <SPAN
CLASS="application"
>cracklib2</SPAN
>. Hopefully
this page that I generated for the <A
HREF="http://www.debian.org"
TARGET="_top"
>Debian/GNU Linux</A
>
distribution will improve this situation.</P
><P
><SPAN
CLASS="application"
>cracklib2</SPAN
> has been forked by
<FONT
COLOR="RED"
><SPAN
CLASS="firstname"
>Nathan</SPAN
><SPAN
CLASS="surname"
>Neulinger</SPAN
></FONT
>
who is now coordinating the further development. This fork has
been blessed by the original maintainer in <A
HREF="http://www.crypticide.com/dropsafe/article/1019"
TARGET="_top"
>this
article</A
>. The new upstream branch is hosted at the <A
HREF="http://sourceforge.net/projects/cracklib"
TARGET="_top"
><SPAN
CLASS="application"
>cracklib2</SPAN
>
<SPAN
CLASS="trademark"
>SourceForge</SPAN
>™ project page</A
>.</P
><P
></P
></DIV
></DIV
><HR></DIV
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>1. <A
HREF="#AEN67"
>Why <SPAN
CLASS="application"
>cracklib2</SPAN
>?</A
></DT
><DT
>2. <A
HREF="#AEN72"
>Who is responsible for all of this?</A
></DT
><DT
>3. <A
HREF="#AEN93"
>How to use <SPAN
CLASS="application"
>cracklib2</SPAN
> with
Debian</A
></DT
><DT
>4. <A
HREF="#AEN111"
>Debian <SPAN
CLASS="application"
>cracklib2</SPAN
> package overview</A
></DT
></DL
></DIV
><DIV
CLASS="section"
><H2
CLASS="section"
><A
NAME="AEN67"
>1. Why <SPAN
CLASS="application"
>cracklib2</SPAN
>?</A
></H2
><P
>One of the most common security weaknesses in computer
systems is the use of easily guessed
passwords. <SPAN
CLASS="application"
>cracklib2</SPAN
> tries to prevent
the selection of weak passwords by checking potential passwords
against dictionaries of commonly used or easily guessed
words.</P
></DIV
><DIV
CLASS="section"
><HR><H2
CLASS="section"
><A
NAME="AEN72"
>2. Who is responsible for all of this?</A
></H2
><P
><A
HREF="mailto:alecm@crypticide.com"
TARGET="_top"
>Alec Muffet</A
>
is the author of <SPAN
CLASS="application"
>cracklib2</SPAN
>. <A
HREF="mailto:jplejacq@quoininc.com"
TARGET="_top"
>Jean
Pierre LeJacq</A
>
initially produced this Debian package, <A
HREF="mailto:mpitt@debian.org"
TARGET="_top"
>Martin Pitt</A
>
is its current maintainer. <A
HREF="mailto:jandd@debian.org"
TARGET="_top"
>Jan Dittberner</A
>
packaged the new upstream version of
<SPAN
CLASS="application"
>cracklib2</SPAN
> and updated the
documentation.</P
></DIV
><DIV
CLASS="section"
><HR><H2
CLASS="section"
><A
NAME="AEN93"
>3. How to use <SPAN
CLASS="application"
>cracklib2</SPAN
> with
Debian</A
></H2
><P
>Ideally, the password quality check should be done when an
user sets his/her password. The PAM (Pluggable Authentication
Modules) architecture makes it easy to integrate arbitrary checks
(like <SPAN
CLASS="application"
>cracklib2</SPAN
>) into programs like
<SPAN
CLASS="application"
><TT
CLASS="filename"
>passwd</TT
></SPAN
> and
<SPAN
CLASS="application"
><TT
CLASS="filename"
>ssh</TT
></SPAN
>.</P
><P
>To use <SPAN
CLASS="application"
>cracklib2</SPAN
> in Debian,
install the package <FONT
COLOR="RED"
>libpam_cracklib</FONT
> and follow
the instructions to enable <FONT
COLOR="RED"
>libpam_cracklib</FONT
> in
<TT
CLASS="filename"
>/etc/pam.d/common-password</TT
>.</P
><P
>From now on,<SPAN
CLASS="application"
>cracklib2</SPAN
> checks the
password quality whenever a password is changed with
<SPAN
CLASS="application"
><TT
CLASS="filename"
>passwd</TT
></SPAN
> and rejects
bad ones.</P
></DIV
><DIV
CLASS="section"
><HR><H2
CLASS="section"
><A
NAME="AEN111"
>4. Debian <SPAN
CLASS="application"
>cracklib2</SPAN
> package overview</A
></H2
><P
>The source package is <FONT
COLOR="RED"
>cracklib2</FONT
> which
generates the following binary packages:</P
><P
></P
><DIV
CLASS="variablelist"
><DL
><DT
><FONT
COLOR="RED"
>libcrack2</FONT
></DT
><DD
><P
>Shared library and this
documentation.</P
></DD
><DT
><FONT
COLOR="RED"
>libcrack2-dev</FONT
></DT
><DD
><P
>Header files, static libraries, and symbolic
links developers using <SPAN
CLASS="application"
>cracklib2</SPAN
>
will need. This package also provides an example program that
shows the usage of <SPAN
CLASS="application"
>cracklib2</SPAN
> in own
applications.</P
></DD
><DT
><FONT
COLOR="RED"
>cracklib-runtime</FONT
></DT
><DD
><P
>Run-time support programs which use the shared
library in <FONT
COLOR="RED"
>libcrack2</FONT
> including programs to
build the password dictionary databases used by the functions
in the shared library.</P
></DD
><DT
><FONT
COLOR="RED"
>python-cracklib</FONT
></DT
><DD
><P
>This package provides Python bindings for the
shared library in
<FONT
COLOR="RED"
>libcrack2</FONT
>.</P
></DD
></DL
></DIV
><P
>This package does not include dictionaries since there are
already lots of them in Debian (<FONT
COLOR="RED"
>wenglish</FONT
>,
<FONT
COLOR="RED"
>wngerman</FONT
>, etc.).</P
></DIV
></DIV
></BODY
></HTML
>