Re: SASL AUTH only check 8 first characters of the password

4 msg	Re: Accepted openssh-blacklist 0.3 (source all)
4 msg	RE: [SECURITY] [DSA 1583-1] New gnome-peercast ...
17 msg	openssh remote upgrade procedure?
3 msg	openssh lockup after blacklist hits
1 msg	RE: [SECURITY] [DSA 1576-2] New openssh package...
3 msg	realpath in PS1 bash
22 msg	openssl-blacklist & two keys per one pid
2 msg	Debian OpenSSL Weak Key Detector (dowkd) versio...
1 msg	Franz Tischler ist außer Haus.
9 msg	dowkd.pl false positives

SASL AUTH only check 8 first characters of the ...
\ Josep M. (16 May 2008)
. \ Bastian Blank (16 May 2008)
. . \ Josep M. (16 May 2008)

1 msg	Minor improvement to openssl-blacklist
3 msg	Fault in openssl-blacklist - version 0.1 -- fal...
10 msg	Thanks to Debian OpenSSL developers
1 msg	pr1
6 msg	Re: blacklist.RSA-1024 missing?
1 msg	openssh: working exploit on bugtraq
6 msg	DSA-1571 and GSSAPI
13 msg	ssh-vulnkey and authorized_keys
5 msg	Re: [SECURITY] [DSA 1571-1] vulnerability of pa...

Subject:	Re: SASL AUTH only check 8 first characters of the password
Group:	Debian-security
From:	Josep M.
Date:	16 May 2008

Hello Bastian.

This is part of my /etc/shadow, should this support more than 8
characters?

krasher:$1$a.XXXXXXXXXXXXXXXXXXXXXXXXXXXX.:13976:0:99999:7:::

Thanks
Josep

El vie, 16-05-2008 a las 15:15 +0200, Bastian Blank escribiÃ³:
> On Fri, May 16, 2008 at 02:55:22PM +0200, Josep M. wrote:
> > After do more checks, SASL only check the 8 first characters of the
> > password, how can I do that will check all characters?
>
> You use traditional crypted passwords? Check /etc/shadow.
>
> Bastian
>
> --
> Star Trek Lives!
>
>

--
To UNSUBSCRIBE, email to debian-security-REQUEST
with a subject of "unsubscribe". Trouble? Contact listmaster