Return-Path: csieh@fnsolar.fnal.gov
Return-Path: <csieh@fnsolar.fnal.gov>
Received: from FNAL.FNAL.Gov (fnal.fnal.gov [131.225.9.8])
by sapphire.fnal.gov (8.8.7/8.8.7) with ESMTP id PAA15007
for <yocum@sapphire.fnal.gov>; Wed, 9 Sep 1998 15:59:59 -0500
Received: from fnsolar.fnal.gov ("port 40701"@fnsolar.fnal.gov)
by FNAL.FNAL.GOV (PMDF V5.1-10 #3998)
with ESMTP id <01J1LWTSHC94000ZDU@FNAL.FNAL.GOV> for yocum@sapphire.fnal.gov;
Wed, 9 Sep 1998 15:59:58 -0500 CST
Received: (from csieh@localhost) by fnsolar.fnal.gov (8.8.3/8.8.2)
id PAA00330; Wed, 09 Sep 1998 15:59:55 -0500 (CDT)
Date: Wed, 09 Sep 1998 15:59:54 -0500 (CDT)
From: Constance Sieh <csieh@fnal.gov>
Subject: Re: Cracklib checking of passwords is already present in Linux 5.0.
In-reply-to: <199809091957.OAA16780@dcdrjh.fnal.gov>
To: herber@fnal.gov, uss-help@fnal.gov
Cc: yocum@fnal.gov
Message-id: <199809092059.PAA00330@fnsolar.fnal.gov>
MIME-version: 1.0
X-Mailer: ELM [version 2.4 PL25]
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7bit
Status: R
Randy,
>
> The following header lines retained to affect attribution:
> |Date: Wed, 09 Sep 1998 13:54:17 -0500 (CDT)
> |From: Constance Sieh <csieh@fnal.gov>
> |Subject: Reminder that we have Linux available
> |To: cd@fnal.gov
>
> |CD,
>
> | This is a reminder that Linux is available at Fermi. Desktop support
> |was announced in January 1998. The web page below has a link to this
> |announcement. Please note that only "intel" systems are supported.
>
> | Fermi Linux is based on RedHat 5.0 with lots of patches. It is almost
> |RedHat 5.1. Please DO NOT use generic RedHat 5.0 or 5.1 as there are
> |many things broken in each most notably security issues.
>
> Please make this list of patches available.
We have documented this list on our web pages. We also have them available
via ftp at
ftp://linux/linux/current/i386/i386.errata
/general.errata
These 2 documents are copies of the release documents for the errata from
RedHat. All of these errata have already been incorporated in our release
as described on our web page.
> Please include a choice for locations from which the
> patches can be availed, preferably including off-site locations.
All of these patches can be obtained from
ftp://linux-rep/pub/mirrors/redhat/updates/5.0/i386/
and
ftp://ftp.redhat.com/updates/5.0/i386
which is the site that linux-rep mirrors.
>
> | On-site installation is via an on-site install server. Information and
> |installation instructions can be obtained at;
>
> |www.fnal.gov/cd/unix/linux
>
> | There is a discussion mailing list at linux-users@fnal.gov .
>
> | If you have any questions or problems please send them to
>
> |helpdesk
> |or
> |uss-help@fnal.gov
> |or
> |csieh@fnal.gov
>
> |Connie Sieh
> |OSS Field Systems Support
> |Group Leader
> |csieh@fnal.gov
>
> The code for applying Cracklib 5.0 checking of password
> strength is already present in Red Hat 5.0; but, unfortunately,
> the necessary dictionaries are not provided. This fact
> was discovered during a discussion between Chris Green of CDF
> and I about how to implement something similar to the checking
> I implemented in the passwd command on cdfsga. We checked the
> sources of the password management subsystem and discovered that
> the facility was present but with a null dictionary.
>
> The ``missing'' dictionary files may be generated by downloading the
> dictionary sources and regenerating them. I also have them
> available in cdfsga.fnal.gov:~herber/cracklib_dict.*:
>
> -rw-r--r-- 1 herber g163 1024 Sep 9 13:54 cracklib_dict.hwm
> -rw-r--r-- 1 herber g163 6348280 Sep 9 13:54 cracklib_dict.pwd
> -rw-r--r-- 1 herber g163 357216 Sep 9 13:54 cracklib_dict.pwi
>
> The corresponding *.asc files are PGP signature files signed by me.
>
> The files are installed by copying them to /usr/lib on one's
> Linux system. As the files are believed to be quite sensitive
> to hardware, I would only consider using them on Intel CPUed
> Linux systems of recent vintage.
Thanks Randy for doing this. We will make a "RPM" of them and add them to
the distribution.
- -connie
------- End of Forwarded Message