libpwquality-1.4.5

Introduction to libpwquality

The libpwquality package provides common functions for password quality checking and also scoring them based on their apparent randomness. The library also provides a function for generating random passwords with good pronounceability.

This package is known to build and work properly using an LFS 12.4 platform.

Package Information

Download (HTTP): https://github.com/libpwquality/libpwquality/releases/download/libpwquality-1.4.5/libpwquality-1.4.5.tar.bz2
Download MD5 sum: 6b70e355269aef0b9ddb2b9d17936f21
Download size: 424 KB
Estimated disk space required: 5.4 MB
Estimated build time: 0.1 SBU

libpwquality Dependencies

Required

CrackLib-2.10.3

Installation of libpwquality

Install libpwquality by running the following commands:

./configure --prefix=/usr                      \
            --disable-static                   \
            --with-securedir=/usr/lib/security \
            --disable-python-bindings          &&
make &&
pip3 wheel -w dist --no-build-isolation --no-deps --no-cache-dir $PWD/python

This package does not come with a test suite.

Now, as the root user:

make install &&
pip3 install --no-index --find-links dist --no-user pwquality

Command Explanations

--disable-python-bindings: This parameter disables building Python bindings with the deprecated python3 setup.py build command. The explicit instruction to build the Python 3 binding with the pip3 wheel command is provided.

Configuring libpwquality

libpwquality is intended to be a functional replacement for the now-obsolete pam_cracklib.so PAM module. To configure the system to use the pam_pwquality module, execute the following commands as the root user:

mv /etc/pam.d/system-password{,.orig} &&
cat > /etc/pam.d/system-password << "EOF"
# Begin /etc/pam.d/system-password

# check new passwords for strength (man pam_pwquality)
password  required    pam_pwquality.so   authtok_type=UNIX retry=1 difok=1 \
                                         minlen=8 dcredit=0 ucredit=0      \
                                         lcredit=0 ocredit=0 minclass=1    \
                                         maxrepeat=0 maxsequence=0         \
                                         maxclassrepeat=0 gecoscheck=0     \
                                         dictcheck=1 usercheck=1           \
                                         enforcing=1 badwords=""           \
                                         dictpath=/usr/lib/cracklib/pw_dict

# use yescrypt hash for encryption, use shadow, and try to use any
# previously defined authentication token (chosen password) set by any
# prior module.
password  required    pam_unix.so        yescrypt shadow try_first_pass

# End /etc/pam.d/system-password
EOF

Installed Programs: pwscore and pwmake

Installed Libraries: pam_pwquality.so and libpwquality.so

Installed Directories: /usr/lib/python3.11/site-packages/pwquality-1.4.5.dist-info

Short Descriptions

pwmake	is a simple configurable tool for generating random and relatively easily pronounceable passwords
pwscore	is a simple tool for checking quality of a password
`libpwquality.so`	contains API functions for checking the password quality
`pam_pwquality.so`	is a Linux PAM module used to perform password quality checking

Prev
liboauth-1.0.3
Next
MIT Kerberos V5-1.22.1
Up
Home

Beyond Linux^® From Scratch (systemd Edition) - Version 12.4

Chapter 4. Security

libpwquality-1.4.5

Introduction to libpwquality

Package Information

libpwquality Dependencies

Required

Recommended

Installation of libpwquality

Command Explanations

Configuring libpwquality

Contents

Short Descriptions

Beyond Linux® From Scratch (systemd Edition) - Version 12.4

Chapter 4. Security

libpwquality-1.4.5

Introduction to libpwquality

Package Information

libpwquality Dependencies

Required

Recommended

Installation of libpwquality

Command Explanations

Configuring libpwquality

Contents

Short Descriptions

Beyond Linux^® From Scratch (systemd Edition) - Version 12.4