Something nice to say about Sun
Apr. 13th, 2006 08:02 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
issaferretSo the DOD increased their requirements for password strength. The details are easy to code, but I was faced with the problem of _coding_ a PAM module to do the password checking; noone had a module that could be tweaked easily to match.
After much pain, I randomly happened upon a spot on the Sun site that had a collection of PAM module templates! About 20 minutes later I'd built and tested a replacement for our current (shitty) password checking module. Thank god for small miracles. That, figuring out how to get Solaris to stop encrypting passwords before sending them to LDAP, and figuring out how to get Solaris 9 to use MD5 instead of crypt mean that I can get most of our systems at least partially covered relatively easily.
Next trick: writing up a random password generator, since the new password requirements are going to tweak my brain.
After much pain, I randomly happened upon a spot on the Sun site that had a collection of PAM module templates! About 20 minutes later I'd built and tested a replacement for our current (shitty) password checking module. Thank god for small miracles. That, figuring out how to get Solaris to stop encrypting passwords before sending them to LDAP, and figuring out how to get Solaris 9 to use MD5 instead of crypt mean that I can get most of our systems at least partially covered relatively easily.
Next trick: writing up a random password generator, since the new password requirements are going to tweak my brain.
