cancel
Showing results for 
Search instead for 
Did you mean: 

password

Son dam bi
Advisor

password

In the redhat system , the current password policy is case senitive , can advise how to cancel it ?

for example : if the password is ABC456 , the user can still login the system with abc456 , what can i do ?


please ignore the security issure .

Thx in advance.
6 REPLIES
Rob Leadbeater
Honored Contributor

Re: password

Hi,

You question doesn't really make sense.

Do you want to make the password case INsensitive, so that they can log on with either upper or lower case ?

I'm not sure that it's possible, although you've given us no information on which "redhat" system you're talking about...

Cheers,

Rob
Ivan Ferreira
Honored Contributor

Re: password

Even windows password is case sensitive, can you explain if you have a specific problem or requirement that could be solved without reinventing the wheel.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Matti_Kurkela
Honored Contributor

Re: password

The case sensitivity is hard-coded into the password hashing algorithm. To make it case-insensitive, you would have to download the source code of the pam_unix.so PAM module and modify it to be always set the password to either all lower or all upper case before hashing.

(The unix-style password hashing cannot be reversed: a password is checked by hashing the password that user entered, and comparing the result to the stored password hash. If they match, the password was correct.)

But this is just a Wrong Thing to do: in Unix/Linux systems, *all command and file names* are case sensitive by default, and this cannot be changed. The users *must* learn to live with it.

MK
MK
Steven Schweda
Honored Contributor

Re: password

> But this is just a Wrong Thing to do: [...]

But a password is not a command or file name;
it's a password.

> [...] pam_unix.so [...]

If no one else has done it already.

> The users *must* learn to live with it.

Not if you change it. VMS, by the way, has
(by default) case-insensitive passwords.
(It's been "Wrong" for over thirty years,
with few complaints. And no complaints at
all about a "Caps Lock" key in the wrong
state. Many would not call this "Wrong".)
Randy Jones_3
Trusted Contributor

Re: password

> If no one else has done it already.

It did not take me five minutes to find
http://linux.derkeiler.com/Newsgroups/comp.os.linux.misc/2009-10/msg00125.html
dirk dierickx
Honored Contributor

Re: password

passwords, pfhu! what is it good for? hey, here is an idea, we'll disable passwords all together. pure brilliance.