Password Complexity in Linux
Wayne Betts
wbetts at bnl.gov
Mon Jun 30 17:01:39 UTC 2008
I replace cracklib with passwdqc in my pam.d system-auth. This allows
simple rules that would match the OP's needs for complexity. (Though
the cracklib docs seem to indicate it can do these things too, I have
not gotten it to work.) I use the "remember=X" option for pam_unix to
remember "X" previous password hashes in /etc/security/opasswd.
If you have the pam_passwdqc package installed, then use the man page
for pam_passwdqc to see how to configure it.
Chet Nichols III wrote:
> The useradd command will let you tune password expiration times per user..
> but for creating complex passwords, you could always create your own
> modified passwd tool that users have to use to enforce your complexity.
> As for having the last 4 passwords not used, I'd probably end up creating a
> database of some sort that my custom passwd tool would tap into.
>
> There are probably solutions/built-in's already that take care of this, but
> that'd be my first thought (I usually think about what I'd do before
> searching for already existing solutions).
>
> I'm interested to hear what other people use/would use to handle this :D
>
> Chet
>
> On Mon, Jun 30, 2008 at 12:19 PM, karthik keyan <karthik_arnold1 at yahoo.com>
> wrote:
>
>> Hi All
>>
>> I would like to setup passwd complexity on our Linux servers .
>>
>> Min 8 characters - 1 upper , 1 digit and 1 Lower character
>>
>> Last used 4 passwords should not be used
>>
>> And also i want to set Passwd expiry for user accounts which are already
>> created and These passwd complexity should apply to users which has alreay
>> been created .
>>
>> I Need your valuable help and advice
>>
>> Thanks & Regards
>> Karthik
>>
>>
>>
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subjectunsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
>
>
>
More information about the redhat-list
mailing list