Skip to main content

Cracklib password policy plugin for LdapCherry.

Project description

Cracklib password policy plugin for LdapCherry

https://travis-ci.org/kakwa/ldapcherry-ppolicy-cracklib.svg?branch=master https://coveralls.io/repos/kakwa/ldapcherry-ppolicy-cracklib/badge.svg Number of PyPI downloads PyPI version Documentation Status
Doc:Documentation on ReadTheDoc
Dev:Source code on GitHub
PyPI:Package on Pypi
License:MIT
Author:Pierre-Francois Carpentier - copyright © 2015

Install

From pypi:

pip install lcppolicy_cracklib

From sources:

$ python setup.py install

Configure

Enable module

To enable this module, set ppolicy.module to lcppolicy_cracklib in section [ppolicy] of ldapcherry.ini

Parameters

This plugin takes the following parameters in ldapcherry.ini (all the parameters are optional):

Parameter Section Description Values Comment
min_length ppolicy Minimum length of password integer Default: 0
min_upper ppolicy Minimum number of upper case characters Integer Default: 0
min_digit ppolicy Minimum number of digit characters Integer Default: 0
min_lower ppolicy Minimum number of lower case characters Integer Default: 0
min_other ppolicy Minimum number of non alphanumeric characters Integer Default: 0
dict_path ppolicy Path to dictionary Path

Default: default cracklib dictionary usually ‘/var/cache/cracklib/cracklib_dict’.

If pointing, for example, to /path/dict, then /path/dict.hwm, /path/dict.pwd and /path/dict.pwi must exist.

Example

[ppolicy]

# password policy module
ppolicy.module = 'lcppolicy_cracklib'
# minimum password length (optional default: 0)
min_length = 10
# minimum number of upper case characters (optional default: 0)
min_upper = 1
# minimum number of lower case characters (optional default: 0)
min_lower = 2
# minimum number of digits (optional default: 0)
min_digit = 1
# minimum number of non alphanumeric characters (optional default: 0)
min_other = 1
# path to dictionary (optional)
dict_path = '/var/cache/cracklib/cracklib_dict'

Custom dictionary

To build custom cracklib dictionaries:

  • Get one or many word list files (for example here: http://www.winedt.org/Dict/).
  • If necessary, encode it to UTF-8.
  • Generate the cracklib dictionary.

example:

# Just create a work directory
$ mkdir dict/
$ cd dict/

# Recover and unzip the word list
$ wget http://www.winedt.org/Dict/unicode/fr.zip
$ unzip fr.zip

# UTF-8 encoding
$ file *
fr.dic: Little-endian UTF-16 Unicode text
fr.txt: ASCII text, with CRLF line terminators
fr.zip: Zip archive data, at least v2.0 to extract
$ iconv -f UTF-16 -t UTF-8 fr.dic >fr2.dic

# Create the dictionary
$ cat fr2.dic | cracklib-packer mydict

# Result
$ ls mydict*
mydict.hwm  mydict.pwd  mydict.pwi

Warning

Most distributions already provide dictionaries and a cron script to update cracklib dictionary (see ‘apt-cache search ‘dictionary’ | egrep ‘^w’’ and ‘/etc/cron.daily/cracklib-runtime’ in Debian/Ubuntu for example)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for lcppolicy_cracklib, version 0.1.0
Filename, size File type Python version Upload date Hashes
Filename, size lcppolicy_cracklib-0.1.0.tar.gz (189.4 kB) File type Source Python version None Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring DigiCert DigiCert EV certificate Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page