Why is the maximum length of openwrt’s root password 8 characters? The 2019 Stack Overflow Developer Survey Results Are InHosting providers limiting the password length or allowed charactersCan only see 2GB of 4GB on 2.6.26-1-xen-amd64 debian 5, Dell PowerEdge 860How I can identify which process is making UDP traffic on Linux?pam_cracklib on Linux: how to disable creditsHow to enforce password complexity in Redhat?Strange OpenVPN behavior - disconnects after one minuteAllow linux root user mysql root access without passwordTurn off password expiration after user changes password (Linux)Changing the root passworddisable maximum password length on Windows Server

Python comments not highlighted with lstlisting

In What Way Would Cryomancy Affect the Food Eaten by Medieval People?

Typesetting a double Over Dot on top of a symbol

Is this food a bread or a loaf?

It's possible to achieve negative score?

What is the motivation for a law requiring 2 parties to consent for recording a conversation

How long do I have to send payment?

Do Shazam and Man of Steel exist in same universe?

Unbreakable Formation vs. Cry of the Carnarium

Does a dangling wire really electrocute me if I'm standing in water?

Why is it "Tumoren" and not "Tumore"?

If you're not a professional, what motivates you to keep writing?

Why do UK politicians seemingly ignore opinion polls on Brexit?

Can we apply L'Hospital's rule?

Spanish for "widget"

How did the USSR manage to innovate in an environment characterized by government censorship and high bureaucracy?

Manuscript was "unsubmitted" because the manuscript was deposited in Arxiv Preprints

The difference between dialogue marks

aging parents with no investments

How would photo IDs work for shapeshifters?

Landlord wants to switch my lease to a "Land contract" to "get back at the city"

Did USCIS resume its biometric service for UK visa

Is it worth rebuilding a wheel myself to save money?

How was Skylab's orbit inclination chosen?



Why is the maximum length of openwrt’s root password 8 characters?



The 2019 Stack Overflow Developer Survey Results Are InHosting providers limiting the password length or allowed charactersCan only see 2GB of 4GB on 2.6.26-1-xen-amd64 debian 5, Dell PowerEdge 860How I can identify which process is making UDP traffic on Linux?pam_cracklib on Linux: how to disable creditsHow to enforce password complexity in Redhat?Strange OpenVPN behavior - disconnects after one minuteAllow linux root user mysql root access without passwordTurn off password expiration after user changes password (Linux)Changing the root passworddisable maximum password length on Windows Server



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








8















When I try to set root's password:



root@OpenWrt:~# passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.


It seems the maximum length is 8. If I try to set a password longer than 8, only first 8 characters is valid.
How can I set a longer password for root?



My openwrt version:



Linux OpenWrt 4.14.108 #0 SMP Wed Mar 27 21:59:03 2019 x86_64 GNU/Linux









share|improve this question






























    8















    When I try to set root's password:



    root@OpenWrt:~# passwd
    Changing password for root
    Enter the new password (minimum of 5, maximum of 8 characters)
    Please use a combination of upper and lower case letters and numbers.


    It seems the maximum length is 8. If I try to set a password longer than 8, only first 8 characters is valid.
    How can I set a longer password for root?



    My openwrt version:



    Linux OpenWrt 4.14.108 #0 SMP Wed Mar 27 21:59:03 2019 x86_64 GNU/Linux









    share|improve this question


























      8












      8








      8








      When I try to set root's password:



      root@OpenWrt:~# passwd
      Changing password for root
      Enter the new password (minimum of 5, maximum of 8 characters)
      Please use a combination of upper and lower case letters and numbers.


      It seems the maximum length is 8. If I try to set a password longer than 8, only first 8 characters is valid.
      How can I set a longer password for root?



      My openwrt version:



      Linux OpenWrt 4.14.108 #0 SMP Wed Mar 27 21:59:03 2019 x86_64 GNU/Linux









      share|improve this question
















      When I try to set root's password:



      root@OpenWrt:~# passwd
      Changing password for root
      Enter the new password (minimum of 5, maximum of 8 characters)
      Please use a combination of upper and lower case letters and numbers.


      It seems the maximum length is 8. If I try to set a password longer than 8, only first 8 characters is valid.
      How can I set a longer password for root?



      My openwrt version:



      Linux OpenWrt 4.14.108 #0 SMP Wed Mar 27 21:59:03 2019 x86_64 GNU/Linux






      linux password root openwrt passwd






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 51 mins ago









      Machavity

      577517




      577517










      asked 5 hours ago









      Alan42Alan42

      1417




      1417




















          2 Answers
          2






          active

          oldest

          votes


















          10














          I modified this in /etc/login.defs



          PASS_MAX_LEN 8


          problem fixed.



          ====================



          Important additions:



          After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.



          My final solution is to set



          # ENCRYPT_METHOD DES


          to



          ENCRYPT_METHOD MD5


          in/etc/login.defs.



          Now, I can finally set a root password that is really larger than eight.






          share|improve this answer




















          • 6





            Good fix, but bad original choice for a system default though...

            – HBruijn
            4 hours ago






          • 3





            I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...

            – marcelm
            2 hours ago











          • Thank you marcelm. You are right and I found another solution.

            – Alan42
            52 mins ago






          • 1





            You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.

            – PhilippNagel
            23 mins ago


















          0














          This is because DES-based crypt truncates at 8 bytes.



          That's the answer to your direct question, but here's some general advice implied by your context:



          • Fortunately, from my reading, MD5 in /etc/login.defs is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.


          • It looks like SHA256 (actually sha256crypt) and SHA512 (actually sha512crypt) are also there. I would pick one of those instead.


          • If you set your password to password or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):


          Not recommended:



          MD5 - 8743b52063cd84097a65d1633f5c74f5
          SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
          SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
          9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
          descrypt - 48c/R8JAv757A


          OK:



          md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/


          Better:



          sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
          sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/




          share























            Your Answer








            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "2"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f962214%2fwhy-is-the-maximum-length-of-openwrt-s-root-password-8-characters%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            10














            I modified this in /etc/login.defs



            PASS_MAX_LEN 8


            problem fixed.



            ====================



            Important additions:



            After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.



            My final solution is to set



            # ENCRYPT_METHOD DES


            to



            ENCRYPT_METHOD MD5


            in/etc/login.defs.



            Now, I can finally set a root password that is really larger than eight.






            share|improve this answer




















            • 6





              Good fix, but bad original choice for a system default though...

              – HBruijn
              4 hours ago






            • 3





              I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...

              – marcelm
              2 hours ago











            • Thank you marcelm. You are right and I found another solution.

              – Alan42
              52 mins ago






            • 1





              You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.

              – PhilippNagel
              23 mins ago















            10














            I modified this in /etc/login.defs



            PASS_MAX_LEN 8


            problem fixed.



            ====================



            Important additions:



            After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.



            My final solution is to set



            # ENCRYPT_METHOD DES


            to



            ENCRYPT_METHOD MD5


            in/etc/login.defs.



            Now, I can finally set a root password that is really larger than eight.






            share|improve this answer




















            • 6





              Good fix, but bad original choice for a system default though...

              – HBruijn
              4 hours ago






            • 3





              I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...

              – marcelm
              2 hours ago











            • Thank you marcelm. You are right and I found another solution.

              – Alan42
              52 mins ago






            • 1





              You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.

              – PhilippNagel
              23 mins ago













            10












            10








            10







            I modified this in /etc/login.defs



            PASS_MAX_LEN 8


            problem fixed.



            ====================



            Important additions:



            After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.



            My final solution is to set



            # ENCRYPT_METHOD DES


            to



            ENCRYPT_METHOD MD5


            in/etc/login.defs.



            Now, I can finally set a root password that is really larger than eight.






            share|improve this answer















            I modified this in /etc/login.defs



            PASS_MAX_LEN 8


            problem fixed.



            ====================



            Important additions:



            After I changed the above parameters, although I can set a password larger than 8 digits, it is still invalid because the real password is only the first eight digits. I don't know if this is my problem.



            My final solution is to set



            # ENCRYPT_METHOD DES


            to



            ENCRYPT_METHOD MD5


            in/etc/login.defs.



            Now, I can finally set a root password that is really larger than eight.







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited 55 mins ago

























            answered 4 hours ago









            Alan42Alan42

            1417




            1417







            • 6





              Good fix, but bad original choice for a system default though...

              – HBruijn
              4 hours ago






            • 3





              I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...

              – marcelm
              2 hours ago











            • Thank you marcelm. You are right and I found another solution.

              – Alan42
              52 mins ago






            • 1





              You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.

              – PhilippNagel
              23 mins ago












            • 6





              Good fix, but bad original choice for a system default though...

              – HBruijn
              4 hours ago






            • 3





              I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...

              – marcelm
              2 hours ago











            • Thank you marcelm. You are right and I found another solution.

              – Alan42
              52 mins ago






            • 1





              You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.

              – PhilippNagel
              23 mins ago







            6




            6





            Good fix, but bad original choice for a system default though...

            – HBruijn
            4 hours ago





            Good fix, but bad original choice for a system default though...

            – HBruijn
            4 hours ago




            3




            3





            I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...

            – marcelm
            2 hours ago





            I assume you changed your password to something longer than 8 characters now. Can you try if logging in with just the first 8 characters of your longer password works? Because it just might...

            – marcelm
            2 hours ago













            Thank you marcelm. You are right and I found another solution.

            – Alan42
            52 mins ago





            Thank you marcelm. You are right and I found another solution.

            – Alan42
            52 mins ago




            1




            1





            You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.

            – PhilippNagel
            23 mins ago





            You might consider changing that to SHA256 or SHA512 or they are supported - MD5 is considered broken these days.

            – PhilippNagel
            23 mins ago













            0














            This is because DES-based crypt truncates at 8 bytes.



            That's the answer to your direct question, but here's some general advice implied by your context:



            • Fortunately, from my reading, MD5 in /etc/login.defs is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.


            • It looks like SHA256 (actually sha256crypt) and SHA512 (actually sha512crypt) are also there. I would pick one of those instead.


            • If you set your password to password or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):


            Not recommended:



            MD5 - 8743b52063cd84097a65d1633f5c74f5
            SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
            SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
            9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
            descrypt - 48c/R8JAv757A


            OK:



            md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/


            Better:



            sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
            sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/




            share



























              0














              This is because DES-based crypt truncates at 8 bytes.



              That's the answer to your direct question, but here's some general advice implied by your context:



              • Fortunately, from my reading, MD5 in /etc/login.defs is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.


              • It looks like SHA256 (actually sha256crypt) and SHA512 (actually sha512crypt) are also there. I would pick one of those instead.


              • If you set your password to password or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):


              Not recommended:



              MD5 - 8743b52063cd84097a65d1633f5c74f5
              SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
              SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
              9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
              descrypt - 48c/R8JAv757A


              OK:



              md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/


              Better:



              sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
              sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/




              share

























                0












                0








                0







                This is because DES-based crypt truncates at 8 bytes.



                That's the answer to your direct question, but here's some general advice implied by your context:



                • Fortunately, from my reading, MD5 in /etc/login.defs is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.


                • It looks like SHA256 (actually sha256crypt) and SHA512 (actually sha512crypt) are also there. I would pick one of those instead.


                • If you set your password to password or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):


                Not recommended:



                MD5 - 8743b52063cd84097a65d1633f5c74f5
                SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
                SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
                9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
                descrypt - 48c/R8JAv757A


                OK:



                md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/


                Better:



                sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
                sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/




                share













                This is because DES-based crypt truncates at 8 bytes.



                That's the answer to your direct question, but here's some general advice implied by your context:



                • Fortunately, from my reading, MD5 in /etc/login.defs is actually *md5crypt" ($1$), which, while a little outdated and no longer supported, is still far superior to DES-based crypt.


                • It looks like SHA256 (actually sha256crypt) and SHA512 (actually sha512crypt) are also there. I would pick one of those instead.


                • If you set your password to password or something under each scheme, you can visually verify whether or not my conclusion that they're the -crypt variants is correct (examples here are taken from the hashcat example hashes, all 'hashcat', some wrapped for readability):


                Not recommended:



                MD5 - 8743b52063cd84097a65d1633f5c74f5
                SHA256 - 127e6fbfe24a750e72930c220a8e138275656b8e5d8f48a98c3c92df2caba935
                SHA512 - 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664fbb7adf72492e3c81ebd3e2
                9134d9bc12212bf83c6840f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f
                descrypt - 48c/R8JAv757A


                OK:



                md5crypt - $1$28772684$iEwNOgGugqO9.bIz5sk8k/


                Better:



                sha256crypt - $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
                sha512crypt - $6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/





                share











                share


                share










                answered 6 mins ago









                Royce WilliamsRoyce Williams

                917513




                917513



























                    draft saved

                    draft discarded
















































                    Thanks for contributing an answer to Server Fault!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f962214%2fwhy-is-the-maximum-length-of-openwrt-s-root-password-8-characters%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    How should I use the fbox command correctly to avoid producing a Bad Box message?How to put a long piece of text in a box?How to specify height and width of fboxIs there an arrayrulecolor-like command to change the rule color of fbox?What is the command to highlight bad boxes in pdf?Why does fbox sometimes place the box *over* the graphic image?how to put the text in the boxHow to create command for a box where text inside the box can automatically adjust?how can I make an fbox like command with certain color, shape and width of border?how to use fbox in align modeFbox increase the spacing between the box and it content (inner margin)how to change the box height of an equationWhat is the use of the hbox in a newcommand command?

                    Doxepinum Nexus interni Notae | Tabula navigationis3158DB01142WHOa682390"Structural Analysis of the Histamine H1 Receptor""Transdermal and Topical Drug Administration in the Treatment of Pain""Antidepressants as antipruritic agents: A review"

                    inputenc: Unicode character … not set up for use with LaTeX The Next CEO of Stack OverflowEntering Unicode characters in LaTeXHow to solve the `Package inputenc Error: Unicode char not set up for use with LaTeX` problem?solve “Unicode char is not set up for use with LaTeX” without special handling of every new interesting UTF-8 characterPackage inputenc Error: Unicode character ² (U+B2)(inputenc) not set up for use with LaTeX. acroI2C[I²C]package inputenc error unicode char (u + 190) not set up for use with latexPackage inputenc Error: Unicode char u8:′ not set up for use with LaTeX. 3′inputenc Error: Unicode char u8: not set up for use with LaTeX with G-BriefPackage Inputenc Error: Unicode char u8: not set up for use with LaTeXPackage inputenc Error: Unicode char ́ (U+301)(inputenc) not set up for use with LaTeX. includePackage inputenc Error: Unicode char ̂ (U+302)(inputenc) not set up for use with LaTeX. … $widehatleft (OA,AA' right )$Package inputenc Error: Unicode char â„¡ (U+2121)(inputenc) not set up for use with LaTeX. printbibliography[heading=bibintoc]Package inputenc Error: Unicode char − (U+2212)(inputenc) not set up for use with LaTeXPackage inputenc Error: Unicode character α (U+3B1) not set up for use with LaTeXPackage inputenc Error: Unicode characterError: ! Package inputenc Error: Unicode char ⊘ (U+2298)(inputenc) not set up for use with LaTeX