Skip to main content
Join the official Python Developers Survey 2018 and win valuable prizes: Start the survey!

Cracklib password policy plugin for LdapCherry.

Project description

Cracklib password policy plugin for LdapCherry

https://travis-ci.org/kakwa/ldapcherry-ppolicy-cracklib.svg?branch=master https://coveralls.io/repos/kakwa/ldapcherry-ppolicy-cracklib/badge.svg Number of PyPI downloads PyPI version Documentation Status
Doc:Documentation on ReadTheDoc
Dev:Source code on GitHub
PyPI:Package on Pypi
License:MIT
Author:Pierre-Francois Carpentier - copyright © 2015

Install

From pypi:

pip install lcppolicy_cracklib

From sources:

$ python setup.py install

Configure

Enable module

To enable this module, set ppolicy.module to lcppolicy_cracklib in section [ppolicy] of ldapcherry.ini

Parameters

This plugin takes the following parameters in ldapcherry.ini (all the parameters are optional):

Parameter Section Description Values Comment
min_length ppolicy Minimum length of password integer Default: 0
min_upper ppolicy Minimum number of upper case characters Integer Default: 0
min_digit ppolicy Minimum number of digit characters Integer Default: 0
min_lower ppolicy Minimum number of lower case characters Integer Default: 0
min_other ppolicy Minimum number of non alphanumeric characters Integer Default: 0
dict_path ppolicy Path to dictionary Path

Default: default cracklib dictionary usually ‘/var/cache/cracklib/cracklib_dict’.

If pointing, for example, to /path/dict, then /path/dict.hwm, /path/dict.pwd and /path/dict.pwi must exist.

Example

[ppolicy]

# password policy module
ppolicy.module = 'lcppolicy_cracklib'
# minimum password length (optional default: 0)
min_length = 10
# minimum number of upper case characters (optional default: 0)
min_upper = 1
# minimum number of lower case characters (optional default: 0)
min_lower = 2
# minimum number of digits (optional default: 0)
min_digit = 1
# minimum number of non alphanumeric characters (optional default: 0)
min_other = 1
# path to dictionary (optional)
dict_path = '/var/cache/cracklib/cracklib_dict'

Custom dictionary

To build custom cracklib dictionaries:

  • Get one or many word list files (for example here: http://www.winedt.org/Dict/).
  • If necessary, encode it to UTF-8.
  • Generate the cracklib dictionary.

example:

# Just create a work directory
$ mkdir dict/
$ cd dict/

# Recover and unzip the word list
$ wget http://www.winedt.org/Dict/unicode/fr.zip
$ unzip fr.zip

# UTF-8 encoding
$ file *
fr.dic: Little-endian UTF-16 Unicode text
fr.txt: ASCII text, with CRLF line terminators
fr.zip: Zip archive data, at least v2.0 to extract
$ iconv -f UTF-16 -t UTF-8 fr.dic >fr2.dic

# Create the dictionary
$ cat fr2.dic | cracklib-packer mydict

# Result
$ ls mydict*
mydict.hwm  mydict.pwd  mydict.pwi

Warning

Most distributions already provide dictionaries and a cron script to update cracklib dictionary (see ‘apt-cache search ‘dictionary’ | egrep ‘^w’’ and ‘/etc/cron.daily/cracklib-runtime’ in Debian/Ubuntu for example)

Project details


Release history Release notifications

This version
History Node

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
lcppolicy_cracklib-0.1.0.tar.gz (189.4 kB) Copy SHA256 hash SHA256 Source None Nov 4, 2015

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page