On Mon, Jan 27, 2003 at 01:15:56PM +0800, -JhAzEr- wrote: > On Mon, 2003-01-27 at 11:12, pilip wrote: > > badpasswod: it's way too short <- got this 3 times, maybe because of the > > retry=3 parameter > > > > and then this: > > > > passwd: authentication token manipulation error > > Your last error was caused by trying to change your password with a > blank one. If you say you can do it while root (single character > password), then the (problem?) lies with the user setting (on changing > password) or the Linux-PAM itself. > If you really need this kind of setup, one alternative (might work) is > by using LDAP to authenticate your users (with user ACL's for changing > their own passwords) instead of (designed for security) Linux-PAM ;)
He doesn't _need_ to shift to LDAP. Since modifying /etc/login.defs doesn't work, the solution lies elsewhere. He needs to look at his pam settings, usually in /etc/pam.d (at least on Debian that's where it is). There will be two files of interest, namely login and passwd. (i.e. /etc/pam.d/login and /etc/pam.d/passwd) The appropriate modification here would be to change the entries for password to read something like: password required pam_unix.so nullok min=1 max=8 md5 instead of: password required pam_unix.so nullok obscure min=4 max=8 md5 Note that setting the min value at 1 and leaving the obscure option in will still result in errors because the system will do some extra checking and a single character password will not pass this. So he should remove the obscure option. Don't try to help solving his problem by recommending something more complex to setup. Help him find out where the problem is and attack -that- problem. -- ___ eric pareja (xenos AT maharlika.upm.edu.ph) \e/ [ Philippine Linux Users' Group ] Linux User #8159 http://counter.li.org _v_ [ Python Power! ] [ Debian Rocks! ] [ Unwitty Saying Here! ] [] Software & ___ [ Free the books! http://www.bookcrossing.com/referral/pusakat ] Freedom "Open the doors so you don't have to go through windows." - e. pareja [<http://catalog.com/hopkins/unix-haters/login.html>] _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
