Bug 608353 - Odd user credentials settings
Odd user credentials settings
Status: CLOSED DEFERRED
Product: Red Hat Satellite 5
Classification: Red Hat
Component: WebUI (Show other bugs)
530
All Linux
low Severity low
: ---
: ---
Assigned To: Tomas Lestach
Red Hat Satellite QA List
:
Depends On:
Blocks: 462714
  Show dependency treegraph
 
Reported: 2010-06-26 18:37 EDT by Luc de Louw
Modified: 2015-05-29 16:10 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-05-29 16:10:43 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Luc de Louw 2010-06-26 18:37:30 EDT
Description of problem:
When installing a RHN Satellite or Spacewalk server the default value of web.min_user_len as well as min password length is set to five chars. 

The minimum user name length is quite useless, in contrary a five char password is way to short. Also insecure password such as "blahblah" are accepted.

It would be great to inherit such setting from PAM of the system where the RHN Satellite/Spacewalk Server is installed.

Version-Release number of selected component (if applicable):
- RHN Satellite 5.3.0, latest patches applied
- Spacewalk 1.0

How reproducible:
Always

Steps to Reproduce:
1. Create a new user such as "root"
  
Actual results:
Logins must be no shorter than 3 characters

Expected results:
New user should be created, but password need to more secure.

Additional info:
Maybe the it would be a good idea to use PAM for authenticate users. This would enable companies to enforce its password policies also for the satellite/spacewalk server.
Comment 1 Luc de Louw 2010-06-26 18:40:04 EDT
Logins must be no shorter than 3 characters was after following https://access.redhat.com/kb/docs/DOC-11082. It was a copy-paste mistake, s/3/5/g

Additionally I wanted to add: Red Hat Support gets confused in support cases when users len is less that five.

Note You need to log in before you can comment on or make changes to this bug.