[TriLUG] MD5 password problem in SuSE
Paul D. Boyle
boyle at laue.chem.ncsu.edu
Thu Aug 1 14:13:00 EDT 2002
Jeff Bollinger:
> Running SuSE (7.1?) on a Sparc64 I went to the KDE control panel and the
> Security Settings module (all as root) and checked the "active MD5
> encryption for passwords". I had a user change her password, and now
> she cannot log in via SSH.
>
> When I look at /etc/shadow I can tell her new password has MD5 because
> the encrypted password is MUCH longer than the other user passwords (who
> have not changed their passwords since I enabled MD5 encryption.)
>
> Any ideas how I can keep MD5 encryption on all the passwords in
> /etc/shadow, but still access the system via SSH?
This sounds like a PAM problem. Look at the /etc/pam.d/sshd to see if has
md5 included. On a SuSE 7.x system this is what it looks like:
#%PAM-1.0
auth required pam_unix.so # set_secrpc
auth required pam_nologin.so
auth required pam_env.so
account required pam_unix.so
password required pam_pwcheck.so md5
password required pam_unix.so md5 use_first_pass use_authtok
session required pam_unix.so none # trace or debug
session required pam_limits.so
Regards,
Paul
--
Paul D. Boyle | boyle at laue.chem.ncsu.edu
Director, X-ray Structural Facility | phone: (919) 515-7362
Department of Chemistry - Box 8204 | FAX: (919) 515-5079
North Carolina State University | http://www.xray.ncsu.edu
Raleigh, NC, 27695-8204
More information about the TriLUG
mailing list