Description of problem: John the ripper does not support cracking in incremental mode of passwords longer than 8 characters. But MD5 hashed passwords, the default scheme shipped with fedora, support much longer length passwords. John as currently shipped can not therefore be used reliably to check the integrity of passwords in incremental mode. Version-Release number of selected component (if applicable): john-1.7.0.2-3.fc7 How reproducible: always Steps to Reproduce: 1. edit /etc/john.conf by changing MaxLen to a value greater than 8. Actual results: For instance if I set MaxLen = 14, john reports: MaxLen = 14 exceeds the compile-time limit of 8 There are several good reasons why you probably don't need to raise it: - many hash types don't support passwords (or password halves) longer than 7 or 8 characters; - you probably don't have sufficient statistical information to generate a charset file for lengths beyond 8; - the limitation applies to incremental mode only. Expected results: john should run in incremental mode. Additional info: Since the minimum password length is 6 by default and john restricts the max length to 8, incremental mode can only possibly crack a small number of passwords. This is dependent on the average length of users' passwords of course, but I know of some systems that use passwords longer than 8 characters. If fedora ships with a default password scheme that allows for longer passwords then john should have a more reasonable MaxLen compiled in.
Did you read the thread beginning in http://www.openwall.com/lists/john-users/2007/07/03/1 and all its references and especially the following mail? http://www.openwall.com/lists/john-users/2007/07/04/5 Imho it does not make much sense to use incremental mode for very long passwords, because it will take too long. Using a wordlist is a more realistic approach. Therefore I guess I close this ticket WONTFIX. Maybe you can persuade someone to collect statistical information for longer passwords and submit it upstream, then it will get into Fedora's john eventually.