another (different) KDC name resolution question
Tom Yu
tlyu at MIT.EDU
Mon Feb 22 23:34:02 EST 2010
Russ Allbery <rra at stanford.edu> writes:
> Abe Singer <abe at ligo.caltech.edu> writes:
>
>> Thanks for the pointer to the roadmap. I'd like to know more about the
>> item "plugins for password quality checks." We're rolling our own mod
>> of kadmin that implements libcrack for password checking (I've got a lot
>> of good arguments for why that's way better than complexity rules). I
>> was going to submit a patch for consideration.
>
> See also:
>
> http://www.eyrie.org/~eagle/software/krb5-strength/
>
> which does the same thing except its embedded copy of CrackLib has
> stronger rules, since we found Jack the Ripper could guess passwords
> passed by CrackLib.
>
> Marcus Watts has a much-improved libkadm5srv patch than the one included
> in that package.
Is there a recent pointer to this patch by Marcus Watts?
More information about the Kerberos
mailing list