Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Solaris Operating System >> Solaris Essentials - General Technical Questions

Root & User Passwords accept any digits

Hi Guys,

Need some help please, setting up a new server SunFire V240 with Solaris 9 SPARC.

Only after setup complete have I realized that the passwords for all users, including root, can accept any digit as a replacement for any numeric value that exists in their passwords.

E.G. If the password is root123456, the system accepts anything with rootXXXXXX, where X is any numeric value. Length however IS checked so only passwords of the right length are accepted.

I am lead to believe it is something to do with the locale setting but not sure what.

Current locale setting is:

# locale

LANG=

LC_CTYPE="C"

LC_NUMERIC="C"

LC_TIME="C"

LC_COLLATE="C"

LC_MONETARY="C"

LC_MESSAGES="C"

LC_ALL=

#

Any assistance or guidance in the right direction will be highly appreciated. (Google hasnt turned up much, surprisingly)

Khuz

Message was edited by:

Khuz.z

[967 byte] By [Khuz.za] at [2007-11-27 11:26:34]
«« Query Result
»» notify VS notifyAll
# 1

I dont think that is the case , Default password length is 8 characters and if you setup password more than 8 characters , the first 8 will be match only

check

/etc/defauit/passwd file

Regards

mtalhaa at 2007-7-29 16:11:17 > top of Java-index,Solaris Operating System,Solaris Essentials - General Technical Questions...
# 2

Hello Mtalha,

Appreciate your help...

Unfortunately that doesn't seem to be the case, I have passwords with 4 and 5 leading alphabets, and suceeding numbers.

Its only the numbers that aren't considered. In the example above, which I tried out, had it been considering the first 8 only, my password would need to be correct upto rootXXXX, but I managed to login with incorrect values.

Any ideas...?

Khuz

Khuz.za at 2007-7-29 16:11:17 > top of Java-index,Solaris Operating System,Solaris Essentials - General Technical Questions...
# 3

/bin/passwd in Solaris < 10 only accepts the first eight characters of any password you have input, anything after eight is discarded / ignored. If you need more than eight, then consider moving to Solaris 10 -

http://sunsolve.sun.com/search/document.do?assetkey=1-1-4183154-1

jeff

jeffrey.sa at 2007-7-29 16:11:17 > top of Java-index,Solaris Operating System,Solaris Essentials - General Technical Questions...
# 4

> Hello Mtalha,

>

> Appreciate your help...

> Unfortunately that doesn't seem to be the case, I

> have passwords with 4 and 5 leading alphabets, and

> suceeding numbers.

>

> Its only the numbers that aren't considered. In the

> example above, which I tried out, had it been

> considering the first 8 only, my password would need

> to be correct upto rootXXXX, but I managed to login

> with incorrect values.

Can you create an example for us?Show us the encrypted password that is in /etc/shadow and the real password that should match.

--

Darren

Darren_Dunhama at 2007-7-29 16:11:17 > top of Java-index,Solaris Operating System,Solaris Essentials - General Technical Questions...
Solaris Operating System
Solaris Essentials - General Technical Questions

Solaris Operating System Hot Topic

Solaris Operating System

All Classified