From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.3-12smp i686)
Description of problem:
Installed out-of-box Redhat 7.2 on a box. User with a 9 character password
complained that he couldn't login. I applied the updated pam-0.75-19 errata
package along with the other two packages included in that errata. Problem was
We are using an NIS password file.
This user can login by just typing the first 8 characters of his password.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Use NIS password file with DES encryption.
2.Have user create a 9 character password.
3.Try logging in through KDE or via telnet.
Actual Results: Login is rejected.
Expected Results: pam should have ignored input characters beyond 8.
This problem was solved with earlier Redhat releases and is now back. Despite
closing notation in another bug I saw in Bugzilla (Sorry, I don't have the
number readily available), the problem is not fixed.
Further investigation revealed that this bug report should be canceled.
The pam-unix module of pam-0.75-14 would reject 9 character passwords but that
fixed with pam-0.75-19.
The password rejection behavior occurs when a user with such a password tries to
login via kdm.
I will check into this some more and, if necessary, file a different bug report.