Using cracklib with the KDC

Sam Hartman hartmans at MIT.EDU
Sun Oct 12 08:16:17 EDT 2003

>>>>> "Henry" == Henry B Hotz <hotz at> writes:

    Henry> Does the MIT code have a user hook in the change password
    Henry> function where I can link in cracklib?  

No.  Nicolas Williams from Sun has proposed that the right way to do
this is for the KDC to use libpam on systems that have it and to use
the password stack to run modules like cracklib.  This seems like an
interesting approach to try, but we have not yet implemented it.

More information about the Kerberos mailing list