debian/0000755000000000000000000000000012207733110007162 5ustar debian/patches/0000755000000000000000000000000012207725503010620 5ustar debian/patches/99-docs-password-strength.patch0000644000000000000000000000710012201317243016512 0ustar # This patch adds addition information about password safety Index: passwdqc-1.3.0/password-strength.txt =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ passwdqc-1.3.0/password-strength.txt 2013-08-10 11:34:22.154720531 +1000 
@@ -0,0 +1,66 @@ +## From http://openwall.info/wiki/passwdqc/policy +# 2010.03.15.1510 +# +Password strength policy considerations + +Many system administrators are tempted to relax passwdqc's default policy +settings in order to make it easier for the users to choose and remember +passwords that would pass the policy. Unfortunately, this very likely results +in unacceptably weak passwords being allowed. The following excerpt from an +e-mail exchange between a user of passwdqc (a system administrator) and Solar +Designer (the original author and a maintainer of passwdqc) explains some of +these issues. + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + + I appreciate what passwdqc is, but I think that the default minima are too + restrictive […] If the system enforced too restrictive passwords, users are + forced to write them down on paper. + +This is not necessarily such a bad thing. It depends on what threats we +primarily protect against. Off the top of my head, I can identify the following +relevant threat classes: + + 1. Offline attacks against stolen/leaked password hashes. + 2. Online attacks against remote systems. (Also similar attacks against + not-so-remote systems in some cases.) + 3. Leaks of plaintext passwords from the users. + +Your concern above is about #3, whereas #1 and #2 are avoided. If we make the +password policy less restrictive, we'll be a lot more vulnerable to #1 while +maybe avoiding #3 in some cases. Please note that with #1, the attack is +usually system-wide (a certain large percentage of accounts may get compromised +- say, 20% - and this would be difficult to recover from on a large system). +For comparison, with #3 the attack is per-person, so a much smaller percentage +of accounts gets compromised. 
Also, in some cases it's about “formal” +responsibility - for #1 it is the system admins', for #3 it is the specific +user's (even if the system admins were “at fault” for enforcing “too strict” a +policy). + +Also, you might be over-estimating the difficulty of memorizing passphrases +that pass the default requirements of passwdqc. I have lots of those memorized. + + Over the last years, I have thus used the following settings: + + min=disabled,12,8,6,5 enforce=users + +These might protect against #2 (although length 5 feels too low even for remote +attacks), but definitely not against #1. I'd call these unreasonable for most +systems and typical threat models (based on my experience). + + while the defaults are + + min=disabled,24,11,8,7 enforce=everyone + + While the enforce option is surely a policy decision, I would like to hear + your opinion on the minima strengths. I think that the ones you chose are + possibly a bit too strong. + +passwdqc's default requirements are about the minimum needed to prevent +not-too-powerful offline attacks. + +I see no way to relax the requirements yet have much protection against offline +attacks, which are a primary concern for systems with large numbers of users +(because of the cost of recovery from a compromise). + +passwdqc/policy.txt · Last modified: 2010/03/15 20:32 by solar debian/patches/series0000644000000000000000000000006112201361555012027 0ustar 01-manpage-fixes 99-docs-password-strength.patch debian/patches/01-manpage-fixes0000644000000000000000000000110512201361762013477 0ustar Description: Fixes minor glitches in the manpages Author: Jackson Doak Index: passwdqc-1.3.0/pwqcheck.1 =================================================================== --- passwdqc-1.3.0.orig/pwqcheck.1 2013-08-10 16:55:41.127266666 +1000 +++ passwdqc-1.3.0/pwqcheck.1 2013-08-10 16:55:41.127266666 +1000 
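Review bot: the only metadata on this patch is the comment line `# This patch adds addition information about password safety`, which has a typo ("additional") and is not in DEP-3 form; the sibling patch 01-manpage-fixes carries `Description:` and `Author:` fields, and this one should do the same and add an `Origin:` pointing at http://openwall.info/wiki/passwdqc/policy (the `## From` line inside the added file records the source, but the patch header is where tooling and reviewers look for it). It is also worth asking whether a Debian-only documentation file belongs in a patch against the upstream tree at all: the 1.2.0-1 changelog entry describes it as a snapshot shipped to /usr/share/doc/libpam-passwdqc, and debian/libpam-passwdqc.docs lists `password-strength.txt` by name, so keeping the file under debian/ and installing it from there would leave the upstream diff empty. Keeping the wiki footer line `passwdqc/policy.txt · Last modified: 2010/03/15 20:32 by solar` and the `# 2010.03.15.1510` stamp in the added text is fine, since together with the URL they date the snapshot.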
@@ -160,7 +160,7 @@ This is needed to use .Nm as the passwordcheck program on OpenBSD - e.g., with -":passwordcheck=/usr/bin/pwqcheck -1:\\" +":passwordcheck=/usr/bin/pwqcheck \-1:\\" in the "default" section in .Cm /etc/login.conf . .It Cm -2 debian/copyright0000644000000000000000000001071312201362466011125 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: passwdqc Source: http://www.openwall.com/passwdqc/ Files: * Copyright: 2000-2013, Solar Designer 2001, Networks Associates Technology, Inc. License: cut-down-BSD Files: pam_passwdqc.8 Copyright: 2001, Networks Associates Technology, Inc. 2009, Dmitry V. Levin 2009 Solar Designer License: BSD Files: passwdqc.conf.5 Copyright: 2000-2003,2005,2008, Solar Designer 2001, Networks Associates Technology, Inc. 2009, Dmitry V. Levin License: BSD Files: concat.c wordset_4k.c wordset_4k.h pam_macros.h Copyright: 2009, Solar Designer License: Public Domain No license required for any purpose; the work is not subject to copyright in any jurisdiction. Files: debian/* Copyright: 2002–2005, Tollef Fog Heen 2010, martin f. krafft 2013, Jackson Doak License: GPL-2+ License: GPL-2+ This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . You should have received a copy of the GNU General Public License along with this program. If not, see . On Debian systems, the complete text of the GNU General Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". 
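Review bot: escaping `-1` as `\-1` in the `:passwordcheck=/usr/bin/pwqcheck \-1:\\` example is the right fix, because an unescaped `-` in roff source is typeset as a typographic hyphen rather than the ASCII minus that login.conf and the shell expect, so the rendered example could not be copied and pasted reliably; the `Description: Fixes minor glitches in the manpages` header should say that, since "minor glitches" tells the next reader neither what was wrong nor how to spot the same problem elsewhere. The trailing context line `.It Cm -2` shows another literal hyphen in the same file, so it is worth checking whether that and the other option entries need the same `\-` treatment for consistency, and since a fix like this belongs upstream the patch should carry a `Forwarded:` field.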
License: cut-down-BSD Redistribution and use in source and binary forms, with or without modification, are permitted. . THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. License: BSD Portions of this software were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program. . Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. . THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
 IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .
 $FreeBSD: src/lib/libpam/modules/pam_passwdqc/pam_passwdqc.8,v 1.4 2002/05/30 14:49:57 ru Exp $
 $Owl: Owl/packages/passwdqc/passwdqc/pam_passwdqc.8,v 1.15 2010/03/13 06:51:46 solar Exp $

debian/pam-configs/passwdqc
Name: passwdqc password strength enforcement
Default: yes
Priority: 1024
Conflicts: cracklib
Password-Type: Primary
Password:
	requisite	pam_passwdqc.so

debian/watch
version=3
opts=uversionmangle=s/(\d)[_\.\-\+]?((RC|rc|pre|dev|beta|alpha|b|a)[\-\.]?\d*)$/$1~$2/,dversionmangle=s/\+(debian|dfsg|ds|deb)\d*$// \
 http://www.openwall.com/passwdqc/ (?:.*/)?passwdqc[_\-\.]?(\d\S*)\.(?:tgz|tbz2|txz|tar\.(?:gz|bz2|xz))

debian/libpam-passwdqc.postinst
#!/bin/sh
# Copyright © 2010 Martin F. Krafft
# Released under the terms of the Artistic Licence 2.0
#
set -eu

pam-auth-update --package passwdqc

# See #369953
set +u
#DEBHELPER#
set -u

debian/libpam-passwdqc.doc-base.password-policy
Document: password-strength.txt
Title: Password strength policy considerations
Author: Solar Designer
Abstract: The author puts forth an argument about why the default password
 strength limits are large.
Section: System/Administration

Format: text
Index: /usr/share/doc/libpam-passwdqc/password-strength.txt
Files: /usr/share/doc/libpam-passwdqc/password-strength.txt

debian/libpasswdqc0.install
lib/*.so*

debian/compat
9

debian/libpasswdqc0.symbols
# SymbolsHelper-Confirmed: 1.3.0 amd64
libpasswdqc.so.0 libpasswdqc0 #MINVER#
 passwdqc_check@Base 1.3.0
 passwdqc_params_load@Base 1.3.0
 passwdqc_params_parse@Base 1.3.0
 passwdqc_params_reset@Base 1.3.0
 passwdqc_random@Base 1.3.0

debian/libpam-passwdqc.docs
README
password-strength.txt

debian/libpam-passwdqc.install
lib/security/pam_passwdqc.so
usr/share/man/man8
debian/pam-configs/passwdqc usr/share/pam-configs

debian/libpam-passwdqc.prerm
#!/bin/sh
# Copyright © 2010 Martin F. Krafft
# Released under the terms of the Artistic Licence 2.0
#
set -eu

if [ "$1" = remove ]; then
	pam-auth-update --package --remove passwdqc
fi

# See #369953
set +u
#DEBHELPER#
set -u

debian/source/format
3.0 (quilt)

debian/libpam-passwdqc.dirs
usr/share/pam-configs

debian/libpasswdqc-dev.install
usr/include
usr/lib/*.so

debian/rules
#!/usr/bin/make -f

# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1

# This has to be exported to make some magic below work.
export DH_OPTIONS

export DEB_LDFLAGS_MAINT_APPEND=-Wl,--as-needed -Wl,-O1 -Wl,-z,relro
export DEB_BUILD_MAINT_OPTIONS = hardening=+all

%:
	dh $@

debian/libpasswdqc-dev.docs
INTERNALS

debian/control
Source: passwdqc
Section: admin
Priority: optional
Maintainer: Jackson Doak
Build-Depends: debhelper (>= 9), libpam-dev
Standards-Version: 3.9.4
Homepage: http://www.openwall.com/passwdqc/

Package: passwdqc
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Description: password strength checking and policy enforcement toolset
 passwdqc is a password/passphrase strength checking and policy enforcement
 toolset, including a PAM module (libpam-passwdqc), command-line programs
 (pwqcheck and pwqgen), and a library (libpasswdqc0).
 .
 This package provides pwqcheck and pwqgen, which are standalone
 password/passphrase strength checking and random passphrase generator
 programs, respectively, which are usable from scripts.

Package: libpasswdqc0
Section: libs
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Description: password strength checking and policy enforcement library
 passwdqc is a password/passphrase strength checking and policy enforcement
 toolset, including a PAM module (libpam-passwdqc), command-line programs
 (pwqcheck and pwqgen), and a library (libpasswdqc0).
 .
 This package provides the underlying library which exports all the
 functionality.

Package: libpasswdqc-dev
Section: libdevel
Architecture: all
Depends: ${shlibs:Depends}, ${misc:Depends}, libpasswdqc0 (>= ${binary:Version}), libpasswdqc0 (<< ${source:Upstream-Version}.1~),
Description: password checking and policy enforcement library (devel) (C development files)
 passwdqc is a password/passphrase strength checking and policy enforcement
 toolset, including a PAM module (libpam-passwdqc), command-line programs
 (pwqcheck and pwqgen), and a library (libpasswdqc0).
 .
 This package provides the development libraries and header files required to
 build tools using the libpasswdqc library.

Package: libpam-passwdqc
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-runtime (>= 1.0.1-6)
Recommends: passwdqc
Description: PAM module for password strength policy enforcement
 passwdqc is a password/passphrase strength checking and policy enforcement
 toolset, including a PAM module (libpam-passwdqc), command-line programs
 (pwqcheck and pwqgen), and a library (libpasswdqc0).
 .
 pam_passwdqc (optionally) integrates with PAM such that it gets invoked when
 users change their passwords. The module is capable of checking password or
 passphrase strength, enforcing a policy, and offering randomly-generated
 passphrases, with all of these features being optional and easily
 (re-)configurable.

debian/changelog
passwdqc (1.3.0-1) unstable; urgency=low

  * Set myself as maintainer. closes: #719106
  * Update debian/watch.
  * New upstream release.
  * Update to standards version 3.9.4. closes: #676290
  * Generate symbols

 -- Jackson Doak  Sat, 10 Aug 2013 07:34:51 +1000

passwdqc (1.2.0-1) unstable; urgency=low

  * New upstream release.
  * Add snapshot of upstream's considerations of the default password
    strength policy to /usr/share/doc/libpam-passwdqc/password-strength.txt.
  * Bump Standards-Version to 3.8.4; no changes required.

 -- martin f. krafft  Tue, 16 Mar 2010 15:06:40 +0100

passwdqc (1.1.4-1) unstable; urgency=low

  * Source package name change to follow upstream.
  * New upstream release (closes: #310595).

 -- martin f. krafft  Thu, 28 Jan 2010 14:20:11 +1300

pam-passwdqc (1.0.5-1) unstable; urgency=low

  * New upstream release (closes: #354534).
  * Take over maintenance of this package (closes: #520815).
  * Switch to dpkgv3 source format.
  * Integrate with pam-auth-update (closes: #517967).
  * Switch to using DH7 for packaging (closes: #437734).
  * Add Vcs-* links to metadata.
  * Add Homepage link to metadata.
  * Bump Standards-Version to 3.8.3 without having to make changes.
  * Use TopGit+quilt for packaging.

 -- martin f. krafft  Thu, 28 Jan 2010 09:47:03 +1300

pam-passwdqc (0.7.5-1) unstable; urgency=low

  * New upstream release (closes: #286113)

 -- Tollef Fog Heen  Sat, 1 Jan 2005 21:55:00 +0100

pam-passwdqc (0.7-5) unstable; urgency=low

  * Link using gcc instead of ld (closes: #164319)

 -- Tollef Fog Heen  Thu, 17 Oct 2002 04:23:13 +0200

pam-passwdqc (0.7-4) unstable; urgency=low

  * Rename binary-dep to binary-arch. Silly typo. (closes: #164711)

 -- Tollef Fog Heen  Wed, 16 Oct 2002 01:32:03 +0200

pam-passwdqc (0.7-3) unstable; urgency=low

  * Retry upload, this time with full source.

 -- Tollef Fog Heen  Wed, 2 Oct 2002 08:02:25 +0200

pam-passwdqc (0.7-2) unstable; urgency=low

  * Included full copyright in copyright file.

 -- Tollef Fog Heen  Tue, 1 Oct 2002 10:37:30 +0200

pam-passwdqc (0.7-1) unstable; urgency=low

  * Initial packaging for Debian (closes: #138631)

 -- Tollef Fog Heen  Tue, 24 Sep 2002 17:15:33 +0200

debian/README.source
Building passwdqc for Debian
----------------------------

The passwdqc source package uses quilt to apply and remove its patches.
Please refer to /usr/share/doc/quilt/README.source for information about
how to use quilt for source packages.

The quilt series is generated from the Git repository, using TopGit. This
process is documented in /usr/share/doc/topgit/HOWTO-tg2quilt.gz .

The pam-passwdqc package uses the following branch layout:

  fixes/*         patches destined to go upstream
  contrib/*       contributed content
  contrib/docs/*  additional documentation
  debian/*        debian-specific changes

 -- martin f. krafft  Thu, 28 Jan 2010 14:22:40 +1300

debian/passwdqc.install
usr/bin
etc/passwdqc.conf
usr/share/man/man[15]