cancel
Showing results for 
Search instead for 
Did you mean: 

About change user password

eric_204
Frequent Advisor

About change user password

I use the Linux default setting in my RH 8 system , I force the user to change the password by the command ( chage -d0 user ) , but there are some restrictions of the new user password ( eg. not a dictionary word , can't too simple , can't same as the previous password ) , can suggest how can I change these restrictions so that user can change any password that they want ? thx in advance.
4 REPLIES
Alexander Chuzhoy
Honored Contributor

Re: About change user password

for start see the file /etc/login.defs
Steven E. Protter
Exalted Contributor

Re: About change user password

eric,

I advise against changing these setting too much. They provide security.

The cracklibrary is used to stop dictionay words. Because the crack utility uses the very same library to guess passwords.

The root user can set passwords that violate restrictions anyway.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Vitaly Karasik_1
Honored Contributor

Re: About change user password

agree with Steven, but if you want to work without cracklib - delete pam_cracklib line from /etc/pam.d/system-auth

Rgds,
Vitaly
eric_204
Frequent Advisor

Re: About change user password

Hi all

I tried to disable the line "password required /lib/security/pam_cracklib.so retry=3 type= " in the file /etc/pam.d/system-auth , but it is not work , when I login , it pop the below message

password unchanged
password unchanged
password unchanged


The below is the content of the file "/etc/pam.d/system-auth" , please suggest how to modify it ? thx

# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth required /lib/security/pam_deny.so

account required /lib/security/pam_unix.so

#password required /lib/security/pam_cracklib.so retry=3 type=
password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shado
w
password required /lib/security/pam_deny.so

session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so