pwqual builtin plugins not working
David Shrimpton
d.shrimpton at its.uq.edu.au
Wed May 15 00:58:06 EDT 2013
Adding "princ" and "dict" pwqual plugin settings to krb5.conf
and a dict_file setting to realm in realms section of kdc.conf
and restarting kdc and kadmind on MIT 1.11 kerberos installation
doesn't appear to stop the principal name or dictionary words
being set as password using 'kadmin cpw'
eg krb5.conf
[plugins]
pwqual = {
disable = empty
enable_only = princ
enable_only = dict
}
Using "enable_only = empty" or "disable = empty"
does however control whether an empty password can be set.
Is there some other configuration or compilation
setting that is needed to enable the princ and dict builtin plugins ?
More information about the Kerberos
mailing list