Linux: Passwortstärke überprüfen mit cracklib

This post was published 11 years 3 months 4 days ago, so the post may be outdated.

cracklib

Wiedermal ein kleiner Tipp von einen kleinen und nützlichen Tool von Linux. Mit “cracklib-check” ist es möglich, Passwörter zu prüfen, ob diese schwer knackbar sind oder nicht. Dabei wird in kleinen Wörterbüchern gesucht, ob ein Wort im Passwort vorkommt. Zusätzlich wird das Programm auch noch diverse andere Algorithmen haben, welche die Stärke ermitteln kann.

Die Beispiele kann man auch im Screenshot des Artikels lesen.

Installation

apt-get install libcrack2

Verwendungsbeispiele

# echo "test" | cracklib-check
test: it is too short

# echo "test123" | cracklib-check
test123: it is based on a dictionary word

# echo "H8dsl§3G3d$" | cracklib-check
H8dsl§3G3d$: OK

Verwendungsbeispiel in der Praxis

#!/bin/bash
# A sample shell script to add user to the system
# Check password for strength 
# Written by Vivek Gite under GPL v2.x+
# ----------------------------------------------
read -p "Enter username : " user
read -sp "Enter password : " password
echo
echo "Testing password strength..."
echo
result="$(cracklib-check <<<"$password")"
# okay awk is  bad choice but this is a demo 
okay="$(awk -F': ' '{ print $2}' <<<"$result")"
if [[ "$okay" == "OK" ]]
then
	echo "Adding a user account please wait..."
	/sbin/useradd -m -s /bin/bash $user
	echo "$user:$password" | /sbin/chpasswd
else
	echo "Your password was rejected - $result"
        echo "Try again."
fi

Quelle: http://www.cyberciti.biz/security/linux-password-strength-checker/

Patrik Kernstock

May I introduce my self? I am Patrik Kernstock, 25 years old, perfectionist, born in Austria and living in Ireland, Cork. Me explained in short: Tech- and security enthusiast, series & movies junky. Interesting in Linux, Container-stuff and many software solutions by Microsoft, Veeam and VMware.

0 0 votes
Article Rating
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x