Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Cracklib password policy plugin for LdapCherry.

Project Description

Cracklib password policy plugin for LdapCherry


Doc:Documentation on ReadTheDoc
Dev:Source code on GitHub
PyPI:Package on Pypi
License:MIT
Author:Pierre-Francois Carpentier - copyright © 2015

Install

From pypi:

pip install lcppolicy_cracklib

From sources:

$ python setup.py install

Configure

Enable module

To enable this module, set ppolicy.module to lcppolicy_cracklib in section [ppolicy] of ldapcherry.ini

Parameters

This plugin takes the following parameters in ldapcherry.ini (all the parameters are optional):

Parameter Section Description Values Comment
min_length ppolicy Minimum length of password integer Default: 0
min_upper ppolicy Minimum number of upper case characters Integer Default: 0
min_digit ppolicy Minimum number of digit characters Integer Default: 0
min_lower ppolicy Minimum number of lower case characters Integer Default: 0
min_other ppolicy Minimum number of non alphanumeric characters Integer Default: 0
dict_path ppolicy Path to dictionary Path

Default: default cracklib dictionary usually ‘/var/cache/cracklib/cracklib_dict’.

If pointing, for example, to /path/dict, then /path/dict.hwm, /path/dict.pwd and /path/dict.pwi must exist.

Example

[ppolicy]

# password policy module
ppolicy.module = 'lcppolicy_cracklib'
# minimum password length (optional default: 0)
min_length = 10
# minimum number of upper case characters (optional default: 0)
min_upper = 1
# minimum number of lower case characters (optional default: 0)
min_lower = 2
# minimum number of digits (optional default: 0)
min_digit = 1
# minimum number of non alphanumeric characters (optional default: 0)
min_other = 1
# path to dictionary (optional)
dict_path = '/var/cache/cracklib/cracklib_dict'

Custom dictionary

To build custom cracklib dictionaries:

  • Get one or many word list files (for example here: http://www.winedt.org/Dict/).
  • If necessary, encode it to UTF-8.
  • Generate the cracklib dictionary.

example:

# Just create a work directory
$ mkdir dict/
$ cd dict/

# Recover and unzip the word list
$ wget http://www.winedt.org/Dict/unicode/fr.zip
$ unzip fr.zip

# UTF-8 encoding
$ file *
fr.dic: Little-endian UTF-16 Unicode text
fr.txt: ASCII text, with CRLF line terminators
fr.zip: Zip archive data, at least v2.0 to extract
$ iconv -f UTF-16 -t UTF-8 fr.dic >fr2.dic

# Create the dictionary
$ cat fr2.dic | cracklib-packer mydict

# Result
$ ls mydict*
mydict.hwm  mydict.pwd  mydict.pwi

Warning

Most distributions already provide dictionaries and a cron script to update cracklib dictionary (see ‘apt-cache search ‘dictionary’ | egrep ‘^w’’ and ‘/etc/cron.daily/cracklib-runtime’ in Debian/Ubuntu for example)

Release History

Release History

This version
History Node

0.1.0

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
lcppolicy_cracklib-0.1.0.tar.gz (189.4 kB) Copy SHA256 Checksum SHA256 Source Nov 4, 2015

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting