libpwquality-1.4.5
Introduction to libpwquality
The libpwquality package provides
common functions for password quality checking and also scoring
them based on their apparent randomness. The library also provides
a function for generating random passwords with good
pronounceability.
This package is known to build and work properly using an LFS 11.3
platform.
Package Information
libpwquality Dependencies
Required
CrackLib-2.9.8
Recommended
Linux-PAM-1.5.2
User Notes: https://wiki.linuxfromscratch.org/blfs/wiki/libpwquality
Installation of libpwquality
Install libpwquality by running
the following commands:
./configure --prefix=/usr \
--disable-static \
--with-securedir=/usr/lib/security \
--with-python-binary=python3 &&
make
This package does not come with a test suite.
Now, as the root
user:
make install
Command Explanations
--with-python-binary=python3
: This
parameter gives the location of the Python binary. The default is python
, and requires Python-2.7.18.
Configuring libpwquality
libpwquality is intended to be a
functional replacement for the now-obsolete pam_cracklib.so
PAM module. To configure the
system to use the pam_pwquality
module, execute the following commands as the root
user:
mv /etc/pam.d/system-password{,.orig} &&
cat > /etc/pam.d/system-password << "EOF"
# Begin /etc/pam.d/system-password
# check new passwords for strength (man pam_pwquality)
password required pam_pwquality.so authtok_type=UNIX retry=1 difok=1 \
minlen=8 dcredit=0 ucredit=0 \
lcredit=0 ocredit=0 minclass=1 \
maxrepeat=0 maxsequence=0 \
maxclassrepeat=0 gecoscheck=0 \
dictcheck=1 usercheck=1 \
enforcing=1 badwords="" \
dictpath=/usr/lib/cracklib/pw_dict
# use sha512 hash for encryption, use shadow, and use the
# authentication token (chosen password) set by pam_pwquality
# above (or any previous modules). Also set the number of crypt rounds
# to the value used in shadow.
password required pam_unix.so sha512 shadow use_authtok \
rounds=500000
# End /etc/pam.d/system-password
EOF
Contents
Installed Programs:
pwscore and pwmake
Installed Libraries:
pam_pwquality.so and
libpwquality.so
Installed Directories:
None
Short Descriptions
pwmake
|
is a simple configurable tool for generating random and
relatively easily pronounceable passwords
|
pwscore
|
is a simple tool for checking quality of a password
|
libpwquality.so
|
contains API functions for checking the password quality
|
pam_pwquality.so
|
is a Linux PAM module
used to perform password quality checking
|