Why is the maximum length of openwrt’s root password 8 characters? The 2019 Stack Overflow Developer Survey Results Are InHosting providers limiting the password length or allowed charactersCan only see 2GB of 4GB on 2.6.26-1-xen-amd64 debian 5, Dell PowerEdge 860How I can identify which process is making UDP traffic on Linux?pam_cracklib on Linux: how to disable creditsHow to enforce password complexity in Redhat?Strange OpenVPN behavior - disconnects after one minuteAllow linux root user mysql root access without passwordTurn off password expiration after user changes password (Linux)Changing the root passworddisable maximum password length on Windows Server
Python comments not highlighted with lstlisting
In What Way Would Cryomancy Affect the Food Eaten by Medieval People?
Typesetting a double Over Dot on top of a symbol
Is this food a bread or a loaf?
It's possible to achieve negative score?
What is the motivation for a law requiring 2 parties to consent for recording a conversation
How long do I have to send payment?
Do Shazam and Man of Steel exist in same universe?
Unbreakable Formation vs. Cry of the Carnarium
Does a dangling wire really electrocute me if I'm standing in water?
Why is it "Tumoren" and not "Tumore"?
If you're not a professional, what motivates you to keep writing?
Why do UK politicians seemingly ignore opinion polls on Brexit?
Can we apply L'Hospital's rule?
Spanish for "widget"
How did the USSR manage to innovate in an environment characterized by government censorship and high bureaucracy?
Manuscript was "unsubmitted" because the manuscript was deposited in Arxiv Preprints
The difference between dialogue marks
aging parents with no investments
How would photo IDs work for shapeshifters?
Landlord wants to switch my lease to a "Land contract" to "get back at the city"
Did USCIS resume its biometric service for UK visa
Is it worth rebuilding a wheel myself to save money?
How was Skylab's orbit inclination chosen?
Why is the maximum length of openwrt’s root password 8 characters?
The 2019 Stack Overflow Developer Survey Results Are InHosting providers limiting the password length or allowed charactersCan only see 2GB of 4GB on 2.6.26-1-xen-amd64 debian 5, Dell PowerEdge 860How I can identify which process is making UDP traffic on Linux?pam_cracklib on Linux: how to disable creditsHow to enforce password complexity in Redhat?Strange OpenVPN behavior - disconnects after one minuteAllow linux root user mysql root access without passwordTurn off password expiration after user changes password (Linux)Changing the root passworddisable maximum password length on Windows Server
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
When I try to set root's password:
root@OpenWrt:~# passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
It seems the maximum length is 8. If I try to set a password longer than 8, only first 8 characters is valid.
How can I set a longer password for root?
My openwrt version:
Linux OpenWrt 4.14.108 #0 SMP Wed Mar 27 21:59:03 2019 x86_64 GNU/Linux
linux password root openwrt passwd
add a comment |
When I try to set root's password:
root@OpenWrt:~# passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
It seems the maximum length is 8. If I try to set a password longer than 8, only first 8 characters is valid.
How can I set a longer password for root?
My openwrt version:
Linux OpenWrt 4.14.108 #0 SMP Wed Mar 27 21:59:03 2019 x86_64 GNU/Linux
linux password root openwrt passwd
add a comment |
When I try to set root's password:
root@OpenWrt:~# passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
It seems the maximum length is 8. If I try to set a password longer than 8, only first 8 characters is valid.
How can I set a longer password for root?
My openwrt version:
Linux OpenWrt 4.14.108 #0 SMP Wed Mar 27 21:59:03 2019 x86_64 GNU/Linux
linux password root openwrt passwd
When I try to set root's password:
root@OpenWrt:~# passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
It seems the maximum length is 8. If I try to set a password longer than 8, only first 8 characters is valid.
How can I set a longer password for root?
My openwrt version:
Linux OpenWrt 4.14.108 #0 SMP Wed Mar 27 21:59:03 2019 x86_64 GNU/Linux
linux password root openwrt passwd
linux password root openwrt passwd
edited 51 mins ago
Machavity
577517
577517
asked 5 hours ago
Alan42Alan42
1417
1417
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
I modified this in /etc/login.defs
PASS_MAX_LEN 8
problem fixed.
====================
Important additions:
After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.
My final solution is to set
# ENCRYPT_METHOD DES
to
ENCRYPT_METHOD MD5
in/etc/login.defs
.
Now, I can finally set a root password that is really larger than eight.
6
Good fix, but bad original choice for a system default though...
– HBruijn
4 hours ago
3
I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...
– marcelm
2 hours ago
Thank you marcelm. You are right and I found another solution.
– Alan42
52 mins ago
1
You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.
– PhilippNagel
23 mins ago
add a comment |
This is because DES-based crypt truncates at 8 bytes.
That's the answer to your direct question, but here's some general advice implied by your context:
Fortunately, from my reading,
MD5
in/etc/login.defs
is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.It looks like
SHA256
(actually sha256crypt) andSHA512
(actually sha512crypt) are also there. I would pick one of those instead.If you set your password to
password
or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):
Not recommended:
MD5 - 8743b52063cd84097a65d1633f5c74f5
SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
descrypt - 48c/R8JAv757A
OK:
md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/
Better:
sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f962214%2fwhy-is-the-maximum-length-of-openwrt-s-root-password-8-characters%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
I modified this in /etc/login.defs
PASS_MAX_LEN 8
problem fixed.
====================
Important additions:
After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.
My final solution is to set
# ENCRYPT_METHOD DES
to
ENCRYPT_METHOD MD5
in/etc/login.defs
.
Now, I can finally set a root password that is really larger than eight.
6
Good fix, but bad original choice for a system default though...
– HBruijn
4 hours ago
3
I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...
– marcelm
2 hours ago
Thank you marcelm. You are right and I found another solution.
– Alan42
52 mins ago
1
You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.
– PhilippNagel
23 mins ago
add a comment |
I modified this in /etc/login.defs
PASS_MAX_LEN 8
problem fixed.
====================
Important additions:
After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.
My final solution is to set
# ENCRYPT_METHOD DES
to
ENCRYPT_METHOD MD5
in/etc/login.defs
.
Now, I can finally set a root password that is really larger than eight.
6
Good fix, but bad original choice for a system default though...
– HBruijn
4 hours ago
3
I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...
– marcelm
2 hours ago
Thank you marcelm. You are right and I found another solution.
– Alan42
52 mins ago
1
You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.
– PhilippNagel
23 mins ago
add a comment |
I modified this in /etc/login.defs
PASS_MAX_LEN 8
problem fixed.
====================
Important additions:
After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.
My final solution is to set
# ENCRYPT_METHOD DES
to
ENCRYPT_METHOD MD5
in/etc/login.defs
.
Now, I can finally set a root password that is really larger than eight.
I modified this in /etc/login.defs
PASS_MAX_LEN 8
problem fixed.
====================
Important additions:
After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.
My final solution is to set
# ENCRYPT_METHOD DES
to
ENCRYPT_METHOD MD5
in/etc/login.defs
.
Now, I can finally set a root password that is really larger than eight.
edited 55 mins ago
answered 4 hours ago
Alan42Alan42
1417
1417
6
Good fix, but bad original choice for a system default though...
– HBruijn
4 hours ago
3
I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...
– marcelm
2 hours ago
Thank you marcelm. You are right and I found another solution.
– Alan42
52 mins ago
1
You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.
– PhilippNagel
23 mins ago
add a comment |
6
Good fix, but bad original choice for a system default though...
– HBruijn
4 hours ago
3
I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...
– marcelm
2 hours ago
Thank you marcelm. You are right and I found another solution.
– Alan42
52 mins ago
1
You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.
– PhilippNagel
23 mins ago
6
6
Good fix, but bad original choice for a system default though...
– HBruijn
4 hours ago
Good fix, but bad original choice for a system default though...
– HBruijn
4 hours ago
3
3
I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...
– marcelm
2 hours ago
I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...
– marcelm
2 hours ago
Thank you marcelm. You are right and I found another solution.
– Alan42
52 mins ago
Thank you marcelm. You are right and I found another solution.
– Alan42
52 mins ago
1
1
You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.
– PhilippNagel
23 mins ago
You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.
– PhilippNagel
23 mins ago
add a comment |
This is because DES-based crypt truncates at 8 bytes.
That's the answer to your direct question, but here's some general advice implied by your context:
Fortunately, from my reading,
MD5
in/etc/login.defs
is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.It looks like
SHA256
(actually sha256crypt) andSHA512
(actually sha512crypt) are also there. I would pick one of those instead.If you set your password to
password
or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):
Not recommended:
MD5 - 8743b52063cd84097a65d1633f5c74f5
SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
descrypt - 48c/R8JAv757A
OK:
md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/
Better:
sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/
add a comment |
This is because DES-based crypt truncates at 8 bytes.
That's the answer to your direct question, but here's some general advice implied by your context:
Fortunately, from my reading,
MD5
in/etc/login.defs
is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.It looks like
SHA256
(actually sha256crypt) andSHA512
(actually sha512crypt) are also there. I would pick one of those instead.If you set your password to
password
or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):
Not recommended:
MD5 - 8743b52063cd84097a65d1633f5c74f5
SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
descrypt - 48c/R8JAv757A
OK:
md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/
Better:
sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/
add a comment |
This is because DES-based crypt truncates at 8 bytes.
That's the answer to your direct question, but here's some general advice implied by your context:
Fortunately, from my reading,
MD5
in/etc/login.defs
is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.It looks like
SHA256
(actually sha256crypt) andSHA512
(actually sha512crypt) are also there. I would pick one of those instead.If you set your password to
password
or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):
Not recommended:
MD5 - 8743b52063cd84097a65d1633f5c74f5
SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
descrypt - 48c/R8JAv757A
OK:
md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/
Better:
sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/
This is because DES-based crypt truncates at 8 bytes.
That's the answer to your direct question, but here's some general advice implied by your context:
Fortunately, from my reading,
MD5
in/etc/login.defs
is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.It looks like
SHA256
(actually sha256crypt) andSHA512
(actually sha512crypt) are also there. I would pick one of those instead.If you set your password to
password
or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):
Not recommended:
MD5 - 8743b52063cd84097a65d1633f5c74f5
SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
descrypt - 48c/R8JAv757A
OK:
md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/
Better:
sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/
answered 6 mins ago
Royce WilliamsRoyce Williams
917513
917513
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f962214%2fwhy-is-the-maximum-length-of-openwrt-s-root-password-8-characters%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown