[cups.bugs] md5 passwds

Shawn Sustaita ssustaita at cnm.edu
Thu Nov 22 06:48:49 PST 2007


We use long passwords (ie 37 characters in length) and when trying to 
authenticate via the CUPS web interface, the authentication fails.  We
think it fails due to the length of the password and that the web 
interface either can't handle the length or truncates before passing to
PAM.  On our system, it looks as if CUPS is relying on PAM.  On our
system, SSH relies on PAM too and they are both tied into the
system-auth module so this makes me think it's not PAM but the CUPS
web interface that's jacked due to the fact that we have no problems
authenticating via SSH.  Here's some info.

[root at jobsub01 pam.d]# cat /etc/redhat-release
Red Hat Enterprise Linux AS release 3 (Taroon Update 9)

[root at jobsub01 pam.d]# rpm -q cups
cups-1.1.17-13.3.43

[root at jobsub01 pam.d]# cat /etc/pam.d/cups
#%PAM-1.0
auth    required        pam_stack.so service=system-auth
account required        pam_stack.so service=system-auth

[root at jobsub01 pam.d]# cat /etc/pam.d/sshd
#%PAM-1.0
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
session    required     pam_limits.so
session    optional     pam_console.so

[root at jobsub01 pam.d]# cat /etc/pam.d/system-auth
#%PAM-1.0
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so
account     required      /lib/security/$ISA/pam_unix.so
password    required      /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok 
use_authtok md5 shadow
password    required      /lib/security/$ISA/pam_deny.so
session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so


We would like to keep our passphrase passwords so any ideas or help
will be appreciated.

Thanks,


Shawn Sustaita
UNIX/Linux Systems Administrator
Central New Mexico Community College
525 Buena Vista SE
Albuquerque, New Mexico 87106
505.224.4809





More information about the cups mailing list