Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: rgmhtt on March 20, 2009, 03:01:51 PM
-
I did my first install yesterday evening on an old Compaq SFF: PIII/500, 256Mb mem, 6Gb disk.
Install went well. I have my own DHCP server, and supplied a sub zone off my registered domain name.
Followed the reboot and got to a login prompt. Figured that I should log in as root, that is what I always do when I build a new system. Did a bit of pinging, then ran 'yum update'. At the end of this I got a message about needing to run a couple of commands, which I did and rebooted. System now runs a long time and seems to be setting up some services then allows me to log in again. I do so as root.
Nothing much. No information on managing this unit...
Oh, look at Chapter 6! Chapter 5 ended prematurely. There is something about selecting 'auto' mode? Did not see that in the install, nor is there any information on 'auto mode' in Chapter 5. Well Ch 6 tells me to log in as 'admin', not root! Dah, NOW I get a menu....
And to get remote access to the server-manager from my other systems which are all on different subnets, I have to first go into it server-manager to set up remote access. Well, I am NOT your typical newbie. They don't tend to have 64 public IPv4 addresses divided into 6 subnets plus 6 rfc1918 subnets with IPv6 addressing available on many of these.... All in your home.
So now I am up to managing my first network from my Centos 5.2 laptop with Firefox...
I create a group; oh lower case only? fine. I guess since NT was case insensitive, restricting Linux to lower case to avoid problems makes some sense. Perhaps this is covered somewhere?
I create my first user, lower case again. It comes up locked. Well I did not remember a password field in the create user panel, so this makes sense, and I go to change the password to only discover....
YOU HAVE those STUPID password restrictions enabled! STUPID and insane! I have TAUGHT Authentication and get involved in all the craziness in passwords. Check Rich Smith's web site:
http://www.cryptosmith.com/sanity/pwdilemma.html
In his book on Authentication, Rich shows a simple way to create a password with 50 bits of entropy. It is one of a number of rules I have used for my users here.
So is there a way to turn off this password enforcement policy? If not I will be finding passwords on post its under the mouse pad:
http://www.cryptosmith.com/sanity/pwdilemma.html#anchor12902853
I don't need Dilbert's Mordac (http://www.cryptosmith.com/sanity/mordac.jpg) in my home....
So that is it for now. I have some other tasks to tackle this morning...
-
Hello rgmhtt,
There have been many a debate on this ... lol
Have a look here:
http://wiki.contribs.org/SME_Server:Documentation:FAQ#Password_Strength_Checking
Regards,
Tib
-
Hello rgmhtt,
There have been many a debate on this ... lol
There always are. And because changing this behavior is obscure, I bet this gets asked a lot.
Have a look here:
http://wiki.contribs.org/SME_Server:Documentation:FAQ#Password_Strength_Checking
OK. That fixed things.
I have passed my 'typical' passwords through cracklib-check and they come back "OK", just not with the composition rules of 'normal', let alone 'strong'. There needs to be a 'crack only' check... But as you said this has been debated and will forever be debated. And I am one of the big debaters on this subject. It IS one of my proficiency areas.
-
Oh, look at Chapter 6! Chapter 5 ended prematurely. There is something about selecting 'auto' mode? Did not see that in the install, nor is there any information on 'auto mode' in Chapter 5.
Please open a bug report (via http://bugs.contribs.org/) for any errors or omissions you find in the documentation.
-
Please open a bug report (via http://bugs.contribs.org/) for any errors or omissions you find in the documentation.
http://bugs.contribs.org/show_bug.cgi?id=5089
-
http://bugs.contribs.org/show_bug.cgi?id=5089
Please use the Clone button to make one bug for each issue you raise. Issues will be resolved one at a time, and need to have a separate bug to be traced through the resolution and verification process.
Thanks.
-
I did my first install yesterday evening on an old Compaq SFF: PIII/500, 256Mb mem, 6Gb disk.
There ya go ... museum quality product.
Last server I knocked up was a tri core amd and it rocks.
-
Please use the Clone button to make one bug for each issue you raise. Issues will be resolved one at a time, and need to have a separate bug to be traced through the resolution and verification process.
Thanks.
I split off the end about password complexity, but could not figure out how to edit the first bug to take that part out.
And I don't know enough about the install process to properly break up the rest of the bug into subpieces.
-
There ya go ... museum quality product.
Last server I knocked up was a tri core amd and it rocks.
I have production servers of that kind for small offices.. they're running flawlessy since... wow, I can't even remember..
I have also a dual p166 with 128 mb ram and a 9 gb scsi hd running SME 6.0.1 without problems at all
if you don't have to serve the universe, all "iron" can work.. ;-)
Ciao
Stefano