cancel
Showing results for 
Search instead for 
Did you mean: 

root's password policy

Danesh Qureshi
Regular Advisor

root's password policy

I have serveral servers running Red Hat advance server 3 and Advance server 4.

Can anyone tell me where do I find root's password policy?

Where do I lookup root's password length (what is the minimum and maximum length for password, where is root's password expiry displayed, what the threshold is before root account is locked, if root has password history and if password dictionary feature is set up?


3 REPLIES
dirk dierickx
Honored Contributor

Re: root's password policy

you can look up these things with the 'passwd -S ' command.
Steven E. Protter
Exalted Contributor

Re: root's password policy

Shalom,

Linux uses cracklib to check for keywords and such with the root password and when root is used to set passwords.

History is also easy to implement.

There is no way to enforce a password policy on the root user. That is an organizational issue.

root for very good reasons can override any password policy you set for users, both for itself and other users.

There are valid reasons to override rules. Policy for root is a people issue and getting them to comply with organizational security guidelines.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
skt_skt
Honored Contributor

Re: root's password policy

"chage -l root" would give some password aging relate information