Bug 1027310

Summary: Option -B still generates passwords with confusing characters
Product: [Fedora] Fedora EPEL Reporter: Robert Scheck <redhat-bugzilla>
Component: pwgenAssignee: jbowes
Status: CLOSED EOL QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: el6CC: ellingsw+29044, jbowes, orion, robert.scheck, sebastian.leitz
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-30 15:57:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Robert Scheck 2013-11-06 14:21:48 UTC 
Description of problem:
According to the man page the option -B should not generate passwords with
confusing characters such as "l" and "1", or "0" or "O". However there are
still confusing characters included when using it:

$ pwgen -B -c -n 10 100 | grep -E "(l|I|1|0|O)"
aiyai7Iini
IeFumee9Oo
deiy9Ietoe
Oobu3theix
cheezoQu7I
Oophe7ephe
Ic9ahd3if3
thi7doh9Oh
$

Depending on the font the users are not really able to distinguish if one of
the characters in question is a "l", "I", "1", "0" or "O". Can we please get
this proper fixed?

Version-Release number of selected component (if applicable):
pwgen-2.06-5.el6.x86_64

How reproducible:
pwgen -B -c -n 10 100 | grep -E "(l|I|1|0|O)"

Actual results:
Option -B still generates passwords with confusing characters.

Expected results:
Option -B should not generate passwords with confusing characters.
Comment 1 Sebastian 2013-11-06 16:23:09 UTC 
Additional information:

When using
pwgen -B
pwgen -B -c

the above issue does not occur. Obviously the combined usage of -B and -n is the actual problem.
Comment 2 Orion Poplawski 2014-12-05 18:10:21 UTC 
Is https://admin.fedoraproject.org/updates/pwgen-2.07-1.el6 any beter?
Comment 3 Steven W. Elling 2017-04-14 02:05:09 UTC 
pwgen-2.07-3 isn't any better.  And, the '-v' option does not work as I would expect either.


~ $> pwgen -Bs 10 10 | grep '[1lI0O]'
20YM0BTfzu
2axYWc1Mrs
9wKgbW1vaX
sQQr1xxcAL
sVMyo0XMxF
HEBOgCJ4BZ
MMzOJ0HAP8
6YJU1V536b

~ $> pwgen -By 10 1000 | grep '[1lI0O]'

~ $> pwgen -vs 10 10 | grep '[10aeiou]'
qiORlRLc6G
jKPhQG8tL1
qH5GZk1rwT
L5eH3pxoWn
VnvR89Tp0D
O6pjnIVIiX
3De4GBtgqf

~ $> pwgen -vy 10 1000 | grep '[10aeiou]'

~ $> rpm -qa pwgen
pwgen-2.07-3.fc24.x86_64

~$> dnf info pwgen
Last metadata expiration check: 0:01:16 ago on Thu Apr 13 20:39:59 2017.
Installed Packages
Name        : pwgen
Arch        : x86_64
Epoch       : 0
Version     : 2.07
Release     : 3.fc24
Size        : 41 k
Repo        : @System
From repo   : @commandline
Comment 4 Steven W. Elling 2019-07-16 05:52:10 UTC 
pwgen-2.08-1 from Fedora 29 works as expected.

~ $> rpm -qi pwgen
Name        : pwgen
Version     : 2.08
Release     : 1.fc29
Architecture: x86_64
Install Date: Fri 14 Jun 2019 12:00:53 AM CDT
Group       : Unspecified
Size        : 50346
License     : GPL+
Signature   : RSA/SHA256, Mon 23 Jul 2018 08:19:31 AM CDT, Key ID a20aa56b429476b4
Source RPM  : pwgen-2.08-1.fc29.src.rpm
Build Date  : Mon 23 Jul 2018 08:16:56 AM CDT
Build Host  : buildvm-05.phx2.fedoraproject.org
Relocations : (not relocatable)
Packager    : Fedora Project
Vendor      : Fedora Project
URL         : http://sf.net/projects/pwgen
Bug URL     : https://bugz.fedoraproject.org/pwgen
Summary     : Automatic password generation
Description :
pwgen generates random, meaningless but pronounceable passwords. These
passwords contain either only lowercase letters, or upper and lower case, or
upper case, lower case and numeric digits. Upper case letters and numeric
digits are placed in a way that eases memorizing the password.

~ $> pwgen -Bs 10 10 | grep '[1lI0O]'

~ $> pwgen -By 10 1000 | grep '[1lI0O]'

~ $> pwgen -vs 10 10 | grep '[10aeiou]'

~ $> pwgen -vy 10 1000 | grep '[10aeiou]'
Comment 5 Ben Cotton 2020-11-05 16:48:28 UTC 
This message is a reminder that EPEL 6 is nearing its end of life. Fedora will stop maintaining and issuing updates for EPEL 6 on 2020-11-30. It is our policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of 'el6'.

Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later EPEL version.

Thank you for reporting this issue and we are sorry that we were not able to fix it before EPEL 6 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged  change the 'version' to a later Fedora version prior this bug is closed as described in the policy above.
Comment 6 Ben Cotton 2020-11-30 15:57:01 UTC 
EPEL el6 changed to end-of-life (EOL) status on 2020-11-30. EPEL el6 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
EPEL please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.