another (different) KDC name resolution question

Tom Yu tlyu at MIT.EDU
Mon Feb 22 23:34:02 EST 2010


Russ Allbery <rra at stanford.edu> writes:

> Abe Singer <abe at ligo.caltech.edu> writes:
>
>> Thanks for the pointer to the roadmap.  I'd like to know more about the
>> item "plugins for password quality checks."  We're rolling our own mod
>> of kadmin that implements libcrack for password checking (I've got a lot
>> of good arguments for why that's way better than complexity rules).  I
>> was going to submit a patch for consideration.
>
> See also:
>
>     http://www.eyrie.org/~eagle/software/krb5-strength/
>
> which does the same thing except its embedded copy of CrackLib has
> stronger rules, since we found Jack the Ripper could guess passwords
> passed by CrackLib.
>
> Marcus Watts has a much-improved libkadm5srv patch than the one included
> in that package.

Is there a recent pointer to this patch by Marcus Watts?



More information about the Kerberos mailing list