[freeside] Passwords over 12 chars

Scott Lambert lambert at lambertfam.org
Sun Aug 31 23:56:53 PDT 2003


On Mon, Sep 01, 2003 at 02:53:31AM -0400, Scott Lambert wrote:
> On Sun, Aug 31, 2003 at 10:08:29PM -0700, Kristian Hoffmann wrote:
> > When freeside exports to radius, it assumes any password longer than 12
> > characters is a crypt password, following with the standard.  This is done
> > because some people import crypt passwords into freeside and this is the
> > only real way to determine if a password is plain text or crypt.
> 
> <without having looked at any code>
> 
> How many people use more than two bytes of salt with their DES crypts?
> My DES crypted passwords are all exactly 13 characters, including salt.
> Other crypt methods use the $[:digit:]$salt$crypt format, which should
> be reasonably programmatically recognizable.  Perhaps the crypt password
> assumption could be made only in the case of a 13 byte, or at least more
> range limited length, password or the regex matchable case.

err, and without spaces. :-)
 
> </without having looked at any code>
> 
> > To tell you the truth, I ran into the same problem.  I'm planning on
> > writing a patch to fix it, but I don't know what the best way to fix it
> > would be.  In the meantime, <horrible kluge>I just modified the passwords
> > in the exported radius database</horrible kluge>.
> > 
> > -Kristian
> > 
> > On Sun, 31 Aug 2003 troyh at netsignia.net wrote:
> > 
> > > > On Sat, Aug 30, 2003 at 06:42:09PM -0400, Rob Charles wrote:
> > > >> Anything after 8 characters does not matter anyways, it's a UNIX
> > > >> thing....
> > > >>
> > > >> :)
> > > I am not speaking of a unix password. I am speaking of an export with
> > > sqlradius. If the password is 13 or more then the attrb field is changed
> > > to Crypt-Password.
> > >
> > > >
> > > > Only with DES encrypted passwords.  MD5 and Blowfish will encrypt a, for
> > > > practical purposes (IIRC, 1024), unlimited length password.  Both those
> > > > also require a much wider encrypted password field.
> > > >
> > > > MD5 is the default on FreeBSD and my one Redhat 7.2 box.  Blowfish is the
> > > > default on OpenBSD.
> > > >
> > > > --
> > > > Scott Lambert                    KC5MLE                       Unix SysAdmin
> > > > lambert at lambertfam.org
> > > >
> > >
> > >
> 
> -- 
> Scott Lambert                    KC5MLE                       Unix SysAdmin
> lambert at lambertfam.org      

-- 
Scott Lambert                    KC5MLE                       Unix SysAdmin
lambert at lambertfam.org      
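
The format-based check suggested in this message, set beside the length rule described earlier in the thread. This is an added Python example, not part of the original message and not freeside's code; the function names and all sample values are constructed for illustration.

```python
import re

# Traditional DES crypt: 2 salt chars + 11 hash chars, all from [./0-9A-Za-z],
# so exactly 13 characters and never a space.
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")

# Modular crypt format: $id$salt$hash (e.g. $1$ for MD5, $2a$ for Blowfish,
# where the middle field is the cost and the last field is salt plus hash).
MODULAR_CRYPT = re.compile(
    r"\$[0-9][0-9a-z]?\$[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]+"
)


def length_rule(password):
    """Rule described in the thread: longer than 12 characters means crypt."""
    return len(password) > 12


def classify(password):
    """Format-based rule: decide by shape and alphabet, not by length alone."""
    if MODULAR_CRYPT.fullmatch(password):
        return "modular-crypt"
    if DES_CRYPT.fullmatch(password):
        return "des-crypt"
    return "plaintext"


# Constructed sample values (not real credentials or real hashes).
SAMPLES = [
    "hunter2",                                # short plaintext
    "averylongpass1",                         # 14-char plaintext
    "correct horse battery",                  # long plaintext with spaces
    "abJnggxhB/yWI",                          # shaped like a DES crypt
    "$1$abcdefgh$0123456789ABCDEFGHIJ./",     # shaped like an MD5 crypt
    "$2a$10$" + "N" * 53,                     # shaped like a Blowfish crypt
    "CorrectHorse1",                          # 13-char plaintext, crypt alphabet
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(f"{value[:24]!r:28} length_rule={length_rule(value)!s:5} "
              f"format_rule={classify(value)}")
```

The last sample shows what remains ambiguous: a 13-character plaintext password drawn only from the crypt alphabet is indistinguishable from a DES crypt by format, so a stored type flag is the only fully reliable discriminator.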


