Last night I tried to install CrackLib on my home server running Ubuntu 6.10 Edgy Eft distro. If you don't know what CrackLib does, it is a library that may (and should) be used by security-conscious applications to prevent users from choosing passwords that are too simple (and thus could be guessed or easily cracked by a brute-force attack). And for those who think this is not an important issue, Bruce Schneier, well-known security expert, has posted in his blog the list of top 20 passwords including such favorites as abc123, 123abc, myspace1, and the single most-used key, password1!
I proceeded as usual:
$ sudo apt-get install cracklib2
The catch is: for some reason Ubuntu doesn't tell you what to do next! It doesn't provide you with a word list, doesn't create a dictionary required to use cracklib during installation sequence, and even man cracklib is pretty sparse on info.
However, it's all there, you just have to know where to look for it! After some good old trial'n'error I was able to find the way to do it myself. So here goes:
1. Install cracklib-runtime and add any of the localized wordlist packages to taste – wamerican, wbritish, wfrench, etc. (run apt-get install wordlist for the full list):
$ sudo apt-get install cracklib-runtime wbritish
2. (Optional) Download extra lists (e.g. at COTSE's Word Lists) and put them in the /usr/share/dict directory:
$ sudo mv /path/to/downloaded/file /usr/share/dict
3. Generate the CrackLib dictionary from the downloaded word lists:
$ sudo update-cracklib /var/cache/cracklib/cracklib_dict
This will create files named cracklib_dict.hwm, cracklib_dict.pwd and cracklib_dict.pwi in the /var/cache/cracklib/ directory - which is exactly where CrackLib expects them to be. And that's it! Wish this info was there in the first place...
You can now check if everything went as expected by running crack_teststr - it will ask you to enter dictionary words and tell you if they exist or not (Ctrl + C to finish).
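A non-interactive version of that check, as an added example that is not part of the original post: it confirms the three files written by update-cracklib exist and lists which of the weak passwords quoted at the top are still accepted. It assumes cracklib-check (shipped in cracklib-runtime on current Debian/Ubuntu releases) is on the PATH and reads the default dictionary location; the function names and the "run" argument are made up for this example.

```shell
#!/bin/sh
# Added example: sanity-check the dictionary built by update-cracklib.
# Prefix used in the steps above.
DICT_PREFIX=/var/cache/cracklib/cracklib_dict

# dict_complete PREFIX
# Succeeds only if PREFIX.hwm, PREFIX.pwd and PREFIX.pwi all exist and are
# non-empty; every missing or empty file is reported on stderr.
dict_complete() {
    prefix=$1
    rc=0
    for ext in hwm pwd pwi; do
        if [ ! -s "$prefix.$ext" ]; then
            echo "missing or empty: $prefix.$ext" >&2
            rc=1
        fi
    done
    return "$rc"
}

# accepted_passwords CHECKER [ARGS...] < candidates
# Feeds candidate passwords (one per line) to CHECKER and prints only those it
# answers with "<password>: OK", i.e. the ones that were NOT rejected.
# Assumption: CHECKER prints one "<password>: <verdict>" line per input line,
# as cracklib-check does.
accepted_passwords() {
    "$@" | sed -n 's/: OK$//p'
}

# Real check, only when invoked as: sh thisfile run
# (cracklib-check usually lives in /usr/sbin, so run it via sudo if needed).
if [ "${1:-}" = "run" ]; then
    dict_complete "$DICT_PREFIX" || exit 1
    if ! command -v cracklib-check >/dev/null 2>&1; then
        echo "cracklib-check not found on PATH" >&2
        exit 1
    fi
    # Sample input: the weak passwords quoted at the top of the post.
    still_ok=$(printf '%s\n' abc123 123abc myspace1 password1 |
        accepted_passwords cracklib-check)
    if [ -n "$still_ok" ]; then
        echo "still accepted, consider adding a word list that covers:" >&2
        echo "$still_ok" >&2
        exit 1
    fi
    echo "all sample passwords rejected"
fi
```

A password that shows up as still accepted is a hint that the word lists in /usr/share/dict do not cover it; add a list that does and rerun update-cracklib.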