HPE Community
Operating System - Linux
1753844 Members
7772 Online
108806 Solutions
New Discussion юеВ

max passwd length

 
SOLVED
Go to solution
skt_skt
Honored Contributor

тАО05-06-2009 05:31 AM

тАО05-06-2009 05:31 AM

max passwd length


Red Hat Enterprise Linux AS release

I have minlen cofigured in /etc/pam.d/system-auth. But what is the maxlen possible?

also where is the PASSWORD_HISTORY_DEPTH(HP-UX equivalent) defined in LINUX?
0 Kudos
Reply
6 REPLIES 6
Ivan Ferreira
Honored Contributor

тАО05-06-2009 05:38 AM

тАО05-06-2009 05:38 AM

Solution

Re: max passwd length

The pam_cracklib provides the minlen and remember options. There is no way to restric the "maximun" length, it depends of the user. The maximum is 256 characters.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Reply
Court Campbell
Honored Contributor

тАО05-06-2009 05:50 AM

тАО05-06-2009 05:50 AM

Re: max passwd length

You would need to use pam_passwdqc to enforce a max length.
"The difference between me and you? I will read the man page." and "Respect the hat." and "You could just do a search on ITRC, you don't need to start a thread on a topic that's been answered 100 times already." Oh, and "What. no points???"
0 Kudos
Reply
skt_skt
Honored Contributor

тАО05-06-2009 07:17 AM

тАО05-06-2009 07:17 AM

Re: max passwd length

how to use pam_passwdqc ?
0 Kudos
Reply
skt_skt
Honored Contributor

тАО05-06-2009 08:17 AM

тАО05-06-2009 08:17 AM

Re: max passwd length

Both /etc/login.defs and /etc/pam.d/system-auth has minlen defined. Which one takes the precedence over the other?

# cat /etc/login.defs|grep LEN
PASS_MAX_LEN 12
PASS_MIN_LEN 6


# cat /etc/pam.d/system-auth|grep pam_cracklib
password required /lib/security//pam_cracklib.so retry=3 minlen=6 type=
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

тАО05-06-2009 08:27 AM

тАО05-06-2009 08:27 AM

Re: max passwd length

Parameters for password lenght in logins.def does not work. It is superseded by the PAM module "pam_cracklib"
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Court Campbell
Honored Contributor

тАО05-06-2009 11:14 AM

тАО05-06-2009 11:14 AM

Re: max passwd length

You use it the same way you use any other pam module. Just add it to tour system-auth file under the password type. If you have it installed there should be a man page for it.
"The difference between me and you? I will read the man page." and "Respect the hat." and "You could just do a search on ITRC, you don't need to start a thread on a topic that's been answered 100 times already." Oh, and "What. no points???"
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.