Reputation: 133
Where is size of password (for command passwd) set?
There is header file pwd.h for programming language C. I want to know if this is the only file, where size of a password is set? Do I have to edit files of command mcrypt too and the files of shadow (command passwd) too - when I want to change the size of a password?
As I read by the source files, is the password currently in Linux set to maximum of 513 characters (in file extra.h of mcrypt sources). When I want to change to a bigger size, which files would I have to edit ?
The fear is that quantum computers are able to crack 513 characters without too much effort.
The idea is to do this following:
first step: generate an individually cipher-salad file in *.txt format to save it on usb-stick with a size of up to 1 GB.
second step: to type command in login window of Linux (gdm or lightdm) with which you start a shell-script on your machine. The shell-script is stored for example in /home - the command could look like this:
> exec 3</home/linux/name-of-shell.sh
third step is that this name-of-shell-script is then started :
#! /bin/bash
while read file /media/usb/cipher-salad.txt
do
passwd | stdin
done < /media/usb/cipher-salad.txt`
Then password would be read in from usb-stick as file up to size of 1 GB.
Up to today the sources for passwd are declared with char for size up to 513 ciphers in password.
When declared with int the size up to 4 GB would be possible, but sufficient would be at first a size up to 1 GB.
Disadvantage of this idea is, that you can use usb-stick only off-line from internet (otherwise there would be danger that it could be copied online). One would only need the usb-stick in machine, when password is needed and then plug-out usb-stick after process with password is settled.
I think, this could be a little revolution for linux-community and an earth-quake for security, when global mass-surveillance is hold up.
Upvotes: 0
Views: 56
Answers (1)
Reputation: 13450
In short, don't.
In long, you may able to edit those files, but then you have to recompile all of the applications, which rely on pwd.h. This is not feasible and not what you want. You may explain, why 512 chars is not enough for your purpose, and we may can suggest a solution for this (by using a key derivation function or similar).
Upvotes: 1
Related Questions
- In the case of a normal user with no access to etc/shadow file, how can the passwd command allow him to change his password?
- Does 'echo user:pass | /usr/sbin/chpasswd' override the root password?
- Are passwords on modern Unix/Linux systems still limited to 8 characters?
- Terminal Password
- how to pass a user password ,stored in config file to passwd command
- How do I find out the complexity needed for a Unix password
- Which config file converts the login password raw text to hash in linux?
- Perforce: How to change the password length requirement?
- How do I set the password length in a TextBox?
- What API do I call to set a user's password on linux?