We recently discovered that the way we install a VPS differs slightly from a normal CD install. This is not something we do deliberately, but it is something that can be improved in how CentOS 5.3 is set up.
When you install from a CD, MD5 password hashing is enabled automatically (which should be the norm); when you install directly from the base packages it is not.
This appears to be a fairly new development, and we caught it quickly thanks to some great users who have passwords longer than 8 characters. The main side effect of having no MD5 is that you cannot have a password longer than 8 characters at all: the traditional crypt hash used instead only looks at the first 8 characters, so anything beyond them is silently ignored.
To test whether your VPS is affected, set a password with more than 8 characters. If you can still log in with only the first 8 characters (the rest trimmed off), your box is not using MD5.
There is an easy fix for this.
First, edit /etc/sysconfig/authconfig and make sure MD5 is enabled:
USEMD5=yes
Next, edit /etc/pam.d/system-auth and make sure the password line for pam_unix.so carries the md5 option, like this:
password sufficient pam_unix.so md5 shadow try_first_pass use_authtok nullok
Existing hashes are not converted on their own, so you should then reset every password on the box with passwd so it is stored as MD5:
passwd username
Before:
[root@hostname ~]# cat /etc/shadow
root:y.yYKjjc6dh4M:14519:0:99999:7:::
After:
[root@hostname /etc/pam.d]# cat /etc/shadow
root:$1$trQ54tcS$azHBlqdd3kzNF4v8Xp3N/0:14519:0:99999:7:::
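As an added example (not part of the original post), here is a small POSIX shell audit that checks the three things above: USEMD5 in authconfig, the md5 option on the pam_unix.so password line, and which accounts in a shadow-format file still carry a 13-character DES hash. The file paths are parameters, and the demo runs on constructed sample files rather than the real /etc/shadow.

```shell
# Added audit helper for the CentOS 5 DES-vs-MD5 password issue above.
# Paths are passed in so the functions can be pointed at test copies.

# Classify one /etc/shadow hash field by its prefix.
hash_type() {
    case "$1" in
        '$1$'*)          echo md5 ;;
        '$5$'*|'$6$'*)   echo sha ;;     # sha256/sha512 on later releases
        ''|'!'*|'*'*)    echo locked ;;  # no usable password
        *)               echo des ;;     # 13-char traditional crypt: only first 8 chars count
    esac
}

# Print "user hashtype" for every account in a shadow-format file.
shadow_audit() {
    while IFS=: read -r user hash rest; do
        [ -n "$user" ] || continue
        printf '%s %s\n' "$user" "$(hash_type "$hash")"
    done < "$1"
}

# Number of accounts still on DES, i.e. the ones to reset with passwd.
des_count() {
    shadow_audit "$1" | awk '$2 == "des"' | wc -l | tr -d ' '
}

# Succeeds only when authconfig has USEMD5=yes and the system-auth
# password line for pam_unix.so carries the md5 option.
md5_configured() {
    grep -q '^USEMD5=yes$' "$1" &&
    grep -Eq '^password[[:space:]]+sufficient[[:space:]]+pam_unix\.so.*[[:space:]]md5([[:space:]]|$)' "$2"
}

# Constructed sample files (not real system data) so this runs offline.
demo() {
    d=$(mktemp -d)
    printf 'USEMD5=no\n' > "$d/authconfig"
    printf 'password sufficient pam_unix.so shadow nullok try_first_pass use_authtok\n' > "$d/system-auth"
    cat > "$d/shadow" <<'EOF'
root:y.yYKjjc6dh4M:14519:0:99999:7:::
alice:$1$trQ54tcS$azHBlqdd3kzNF4v8Xp3N/0:14519:0:99999:7:::
bob:!!:14519:0:99999:7:::
EOF
    shadow_audit "$d/shadow"
    echo "accounts to reset with passwd: $(des_count "$d/shadow")"
    md5_configured "$d/authconfig" "$d/system-auth" && echo "MD5 configured" || echo "MD5 NOT configured"
    rm -rf "$d"
}

demo
```

Run it as root against the real files by calling shadow_audit /etc/shadow and md5_configured /etc/sysconfig/authconfig /etc/pam.d/system-auth; any account reported as des still needs a passwd reset after the config change.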
If you have any problems or concerns, contact us on support: just drop in a ticket and we can get things going again.
3 responses to “Does your VPS have MD5 enabled for passwords?”
Thanks for the info, Liz.
Obviously this is a problem for people with passwords that are more than 8 characters in length, but is it also some kind of security risk?
i.e. if our passwords are 8 characters or less, is it still recommended to enable MD5 hashing of passwords?
It's not a major security risk, but if somebody happens to get a shell on your machine, they can crack it a lot faster/easier if it's not MD5. In an ideal world everyone would have passwords longer than 8 characters; however, this doesn't happen as much as we would like.
I would suggest that MD5 be enabled unless it's absolutely going to be a pain-in-the-butt-impossible to change all users' passwords.
Thanks Liz. I’ll schedule a time to make these changes on all of our servers.