Login Password Discrepancy

Support for security such as Firewalls and securing linux
Posts: 32
Joined: 2007/05/25 08:42:41
Location: Edinburgh, Scotland

Login Password Discrepancy

Postby sreilly » 2009/07/31 16:12:27

I admin a small group of CentOS 4 boxes using YP/NIS for password distribution.

Today I ran into a discrepancy that I would like to understand.

Users are required to change their password every 60 days and one user today was having problems with the passwords he was choosing. He had logged in with his "about to expire" password and ran the command yppasswd to enter a new one. He was getting fed up with his suggestions being rejected so decided to enter !"£$%^&*()_+ (ie shift 1 - 0)
This was accepted by yppasswd.
However, once logged out he was unable to gain access again.
I presume this has either something to do with the differing password mechanisms between the KDE login screen and NIS, or the shell was interpreting some of the entered characters when running the yppasswd command.

Has anyone else spotted this feature(?)?