puzzled by passwords inconsistency

Posts: 3
Joined: Tue Jun 18, 2013 1:53 pm

puzzled by passwords inconsistency

Postby jpguisset » Tue Jan 05, 2016 3:51 pm

I am using Amahi since several years in a rather safe home network and I never bothered too much about passwords.
For the first time in years I have changed a password. I did it using the web interface and selected a 12 characters string.

I noticed that mounting shares in windows, I would need the old password and that is a known issue.

What really puzzled me was that as I was able to login using ssh using only the first 8 characters of my new password. Everything from the 9th character would be ignored. The same is true for su authentication.
I googled a lot and could not find any explanation in the context of Fedora so I imagined that the Amahi install would have changed something there. To my total surprise login to the web interface (http://hda/user_sessions/new) works only with the full 12 characters password; no truncation here.

I have created all people users through the web interface, but I did install some non amahi apps and had to tweak some parameters. I cannot imagine I have compromised the security of my server so severely.

I am using Amahi 7 for Fedora 19 (manual install with xfce). Could someone try to reproduce this issue? I would like to know if I have broken something or if this is a common problem.

Any suggestion welcome,
Thank you

Who is online

Users browsing this forum: No registered users and 3 guests