Case Sensitivity and Published Passwords

0 Comment

When I first started running a SE Linux Play Machine [1] I used passwords such as “123456“. Then for a while I had “selinux” but when I created a T-shirt design (see the main Play Machine page for details) I changed the password to “SELINUX” because that is easier to read on a shirt.

Unfortunately the last time I rebuilt the Play Machine I used a password of “selinux“, some people worked this out and still logged in so I didn’t realise that anything was wrong until a comment was placed on my blog yesterday. So for the past three weeks or so some people have been finding themselves unable to login. The password is now “SELINUX” again, sorry for any inconvenience.

It’s a pity that I can’t make sshd a little less case sensitive for passwords. A PAM module to implement a caps-lock mode where the opposite case is tried would be useful for this case and some others too.