SYNOPSIS

#include <crack.h>

static char const CRACKLIB_DICTPATH[] =  ...;

extern char const *
FascistCheck(char const passwd[], char const dictpath[]);

DESCRIPTION

cracklib is a library containing the FascistCheck C function which may be used in a "passwd" like program. The idea is simple: try to prevent users from choosing passwords that could be guessed by "crack" by filtering them out, at source. cracklib is an offshoot of the the version 5 of the "crack" software and contains a considerable number of ideas nicked from the new software.

The first formal argument password is the potential password. The second formal argument dictpath is the full path name + filename prefix of the cracklib dictionary database. FascistCheck returns the NULL pointer for a good password, or a pointer to a diagnostic string if it is a weak password.

The database is in a binary format generated by the utilities crack_mkdict(8) and crack_packer(8). On a Debian system the database is located in the directory defined by the static constant CRACKLIB_DICTPATH and is set to /var/cache/cracklib/cracklib_dict. None of the subroutines in the cracklib libraries have this location hard-coded into their implementations. It is generated daily with the program /etc/cron.daily/cracklib.

FILES

/var/cache/cracklib/cracklib_dict.[hwm|pwd|pwi]

cracklib dictionary database files used by utilities.

/etc/cron.daily/cracklib

cracklib daily cron program to rebuild the cracklib dictionary database.

/etc/cracklib/cracklib.conf

cracklib configuration file used by the cracklib daily cron program to rebuild the cracklib dictionary database.

/usr/sbin/crack_mkdict

cracklib shell script to create initial list of words for dictionary database.

/usr/share/doc/cracklib2-dev/examples

Example cc(1) source files that show how FascistCheck is used.

AUTHOR

cracklib2 is written by Alec Muffett <[email protected]>. Manual added by Jean Pierre LeJacq <[email protected]>.