[K12OSN] Password Policy

[Toshio Kuratomi]

> On 4/4/06, Brad Johnson <bjohnson at independence.k12.ia.us> wrote:
>         Fedora
>         requires them to create a strong password.  Is there any way I
>         can
>         avoid the strong password, and allow them to choose whatever
>         they want?
This can be set through pam.  I don't have an FC4 box around right now
but here are the generic instructions:  First look in /etc/pam.d/passwd
If you see a line about cracklib then this is the file you need to edit.
If not you probably see lines that have pam_stack system-auth or include
system-auth or similar.  If that is true then you need to
edit /etc/pam.d/system-auth.  There should be a line about cracklib in
there.  You can add arguments to the line that enable less secure
passwords.

The two documentation files you'll want to look at are
/usr/share/doc/pam-VERSION/txts/README.pam_cracklib (which has a short
description of every pam_cracklib option)
and /usr/share/doc/pam-VERSION/txts/pam.txt (which has some useful
examples.  Search within the file for cracklib and you'll find them.)

Whenever editing pam files be careful.  Pam is a modular system for
authentication.  If you make a mistake you could find yourself unable to
login/su/etc.  At minimum, you'll want to 1) make a copy of the files
you plan on editing so you can quickly restore them. 2) stay logged in
as root on a terminal until you have verified that you can go to a
different terminal and login as yourself and su to root.

-Toshio

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/k12osn/attachments/20060404/cc57a037/attachment.sig>