On Tue, Oct 22, 2002 at 09:42:29AM -0500, Ansel, Kenny L. (Sytex Contractor) wrote: > Does anyone know of a NATIVE way that will force users to create a password > containing uppercase, lowercase, alpha, and numeric characters? > > The /etc/default/passwd does the MIN & MAX and length........ > > > If there aren't any NATIVE ways, can you all gimme some good 3rd party > utilities or passwd replacements that you use to enforce a stronger passward > construction??
In a word PAM. Password has PAM support built into it. There are a number of Linux PAM modules that tie into cracklib and similar products. Cracklib will perform the same types of checks on a password that Crack (or John the Ripper or L0phtCrack) does. Take a look at the linux PAM pages on kernel.org (I think thats were they are). If there isn't one with Solaris support, they usually aren't that difficult to port to Solaris (the port of pam_wheel took 15 minutes, and about 10 lines of code). ----------------------------------------------------------------------- __o Bradley Arlt Security Team Lead _ \<_ [EMAIL PROTECTED] University Of Calgary (_)/(_) I should be biking right now. Computer Science