[K12OSN] Password Policy
Brad Johnson
bjohnson at independence.k12.ia.us
Tue Apr 4 18:37:00 UTC 2006
On Apr 4, 2006, at 11:52 AM, Toshio Kuratomi wrote:
>
>> On 4/4/06, Brad Johnson <bjohnson at independence.k12.ia.us> wrote:
>> Fedora
>> requires them to create a strong password. Is there any
>> way I
>> can
>> avoid the strong password, and allow them to choose whatever
>> they want?
> This can be set through pam. I don't have an FC4 box around right now
> but here are the generic instructions: First look in /etc/pam.d/
> passwd
> If you see a line about cracklib then this is the file you need to
> edit.
> If not you probably see lines that have pam_stack system-auth or
> include
> system-auth or similar. If that is true then you need to
> edit /etc/pam.d/system-auth. There should be a line about cracklib in
> there. You can add arguments to the line that enable less secure
> passwords.
>
> The two documentation files you'll want to look at are
> /usr/share/doc/pam-VERSION/txts/README.pam_cracklib (which has a short
> description of every pam_cracklib option)
> and /usr/share/doc/pam-VERSION/txts/pam.txt (which has some useful
> examples. Search within the file for cracklib and you'll find them.)
>
> Whenever editing pam files be careful. Pam is a modular system for
> authentication. If you make a mistake you could find yourself
> unable to
> login/su/etc. At minimum, you'll want to 1) make a copy of the files
> you plan on editing so you can quickly restore them. 2) stay logged in
> as root on a terminal until you have verified that you can go to a
> different terminal and login as yourself and su to root.
>
> -Toshio
Thanks for the info. However I've tried adding some of the arguments
and it's not working. Is it possible to turn off the use of cracklib
entirely?
Thanks
Brad
More information about the K12OSN
mailing list