HPE Community
Operating System - Linux
1831374 Members
3545 Online
110025 Solutions
New Discussion

control the password

 
juno2
Super Advisor

‎10-12-2003 06:16 PM

‎10-12-2003 06:16 PM

control the password

when I install the RH linux , I 've set to use the default setting to control the user can't use a specific password eg. too simple , the word in dictionary , the password has been used previously, how can I disable this control so that users can use the password the password they want ? thx.
0 Kudos
Reply
11 REPLIES 11
Jerome Henry
Honored Contributor

‎10-12-2003 06:46 PM

‎10-12-2003 06:46 PM

Re: control the password

2 steps :

- Uninstall cracklib.
- Solve your points assignment issue...

Tks

J
You can lean only on what resists you...
0 Kudos
Reply
juno2
Super Advisor

‎10-12-2003 07:08 PM

‎10-12-2003 07:08 PM

Re: control the password

thx reply,

could you advise how to "Uninstall cracklib" ? is there other more simple method ? thx.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎10-12-2003 07:08 PM

‎10-12-2003 07:08 PM

Re: control the password

The default behavior of Red Hat Linux, from my esperience v 6-v9 is to warn the root user and prevent other users from using illegal passwords.

This is a good thing.

Anyone thats telling you to remove this functionality is telling you to make your systems insecure.

If you run crack against a password file not protected this way, it will guess passwords. I ran crack against a HP-UX non-trusted system and it guessed a dozen passwords out of 160 users.

In other words, not good.

You can the rpm command to uninstall the cracklib.


rpm -q cracklib
gets you the version number. Then you can use rpm to uninstall.

I totally agree with Jerome's comments. You are a heavy user here. Please show a wee bit more respect to the community that answers your questions.

It beats paying for help right?

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
juno2
Super Advisor

‎10-12-2003 07:27 PM

‎10-12-2003 07:27 PM

Re: control the password

thx reply,

what is the impact to uninstall cracklib
? it will only disable to control the password or more ? if not , is there other method to fix the problem ? Thx.

sorry , i know i need to assign pts , I will do it within two days .


0 Kudos
Reply
juno2
Super Advisor

‎10-12-2003 07:34 PM

‎10-12-2003 07:34 PM

Re: control the password

instead of uninstall the cracklib , can fix the problem by the existing tools , eg. webmin or others ? thx.
0 Kudos
Reply
Vitaly Karasik_1
Honored Contributor

‎10-12-2003 08:33 PM

‎10-12-2003 08:33 PM

Re: control the password

to remove pam_cracklib string from /etc/pam.d/system-auth ?
0 Kudos
Reply
Jerome Henry
Honored Contributor

‎10-12-2003 09:49 PM

‎10-12-2003 09:49 PM

Re: control the password

It's not exactly a 'problem', as Steven explains (hey, don't you sleep, Steven ?).
By default, the system protects from weak password, from the line Vitaly quotes, if you use pam, and using cracklib as a weak password database.
If you want to stop this feature, you can unactivate this check from pam module, or uninstall database (so no weak password anymore).
The only thing you can do from webmin is, under pam authentification, uncheck login, such no requiring pam for login, which is definetely a bad idea.

J
You can lean only on what resists you...
0 Kudos
Reply
Huc_1
Honored Contributor

‎10-12-2003 11:18 PM

‎10-12-2003 11:18 PM

Re: control the password


You seem to have lot of problem with password lately, but dont turn to such drastic methode
I will join the crowed and advice again it !
keep the history file active.

Dont let your user/management impose this, explain/defend to them that this is against everyone interest.

If the task of keeping up is hard and you need more information on password management, take the time to read the following link I have found this read to be time well spend.

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/s1-wstation-pass.html

Keep at it !

J-P

"Jolie couvre chef sir Jerome Henry" (french --> means something like "nice hat on your head mylord Jerome Henry).


Smile I will feel the difference
0 Kudos
Reply
Martin P.J. Zinser
Honored Contributor

‎10-13-2003 02:22 AM

‎10-13-2003 02:22 AM

Re: control the password

Also note that removing these additional checks will not solve the issues of locking when two different users try to change their passwords at the same time.
0 Kudos
Reply
Huc_1
Honored Contributor

‎10-14-2003 11:43 PM

‎10-14-2003 11:43 PM

Re: control the password

Any feed back progress /yet on this issue?
still a problem?

J-P
Smile I will feel the difference
0 Kudos
Reply
aparna challagulla
Valued Contributor

‎10-15-2003 12:24 AM

‎10-15-2003 12:24 AM

Re: control the password

hi juno,
considering all ur past posts regarding passwd and chage i think u want password aging enabled for ur users. i also remember u saying that u have nearly 200 users.
whenever a user tries to change his/her password the /etc/passwd file is locked and the lock is only released after the changes are saved. i dont think u can disable this feature or if there a workaround for it.
try enabling aging for a batch of users each day so that all users dont try to do it simultaneously.
or else dont enable password aging for the same number of days for all users.
HTH
aparna

P.S. would like to know how/whenever u solve this issue.
If you don't have time to do it right you must have time to do it over
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.