Submitted by bentrafford on Tue, 04/11/2017 - 10:13
I enabled the MySQL "validate_password" plugin on a fresh install. I also enabled hashed passwords, as opposed to clear text. However, when I try to make new servers, it constantly returns that it can't, because the automatically generated passwords don't meet the validate_password plugin's requirements.
I like the security the plugin offers. How do I make Virtualmin meet its requirements?
Status:
Active
Comments
Submitted by JamieCameron on Tue, 04/11/2017 - 17:21 Comment #1
That depends ... what specific password requirement is it rejecting? Length, special characters, or something else?
Submitted by bentrafford on Tue, 04/11/2017 - 19:00 Comment #2
It doesn't say. The error I'm getting is this:
MySQL database failed! : SQL insert into user (host, user, ssl_type, ssl_cipher, x509_issuer, x509_subject, plugin, authentication_string) values ('localhost', 'myserver.com', '', '', '', '', 'mysql_native_password', password('qfW5xnBxkZVWhQ5M')) failed : Your password does not satisfy the current policy requirements at /usr/share/webmin/web-lib-funcs.pl line 1427.
My secure_password requirements are as follows: length (8 minimum), numeric, lowercase/uppercase, special characters (required), and not a dictionary word.
Submitted by JamieCameron on Tue, 04/11/2017 - 22:34 Comment #3
Right now, there's no way to configure the random password generator to meet those requirements - all you can set is the length and the character set.
Submitted by bentrafford on Tue, 04/11/2017 - 23:18 Comment #4
Is there a way to hack Virtualmin that won't get overwritten on the next update? :) Or a way to contribute a patch?
Submitted by JamieCameron on Wed, 04/12/2017 - 11:46 Comment #5
You could modify this function : https://github.com/virtualmin/virtualmin-gpl/blob/master/virtual-server-...
Submitted by acosonic on Tue, 04/23/2019 - 06:41 Comment #6
It's enough to put this
validate_password_policy=LOW
under mysqld section in mysql.conf (wherever it is...)
Submitted by acosonic on Fri, 07/26/2019 - 04:50 Comment #7
In order to do this properly, without restarting servers etc...
First login to mysql as root, and run: SHOW VARIABLES LIKE 'validate_password%'; if you get validate_password_policy anything else then "LOW", it won't work, then run SET GLOBAL validate_password_policy=LOW;
And in my.cnf (on Ubuntu it's under: /etc/mysql/mysql.conf.d/mysqld.cnf
under [mysqld] put the: validate_password_policy=LOW
This way you don't have to restart server, but when it restarts from any reason, it will work...