HPE Community
Operating System - Linux
1830241 Members
1602 Online
109999 Solutions
New Discussion

Re: User password

 
ivychung2
Frequent Advisor

‎04-25-2006 02:39 PM

‎04-25-2006 02:39 PM

User password

In the Redhat server , I will force the user change the password regularly by "chage -d0 userid", could suggest how to prevent the user use the simple password eg. 123456 ? thx.
0 Kudos
Reply
5 REPLIES 5
Ivan Ferreira
Honored Contributor

‎04-25-2006 02:48 PM

‎04-25-2006 02:48 PM

Re: User password

Normally, the pam_cracklib is enabled and it does not allow the use of simple passwords.

Check your /etc/pam.d/system-auth file, you should have lines like this:

password requisite /lib/security/$ISA/pam_cracklib.so retry=3

Only root can force the use of simple passwords.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
ivychung2
Frequent Advisor

‎04-25-2006 03:06 PM

‎04-25-2006 03:06 PM

Re: User password

thx reply ,

I check that the setting you said is existed in my server , I found that when I use the simple password , the server will prompt me the password is too simple ( BAD PASSWORD: it is too simplistic/systematic ) but it still allow me to use this simple password , I think this only a warning message , could suggest how can I provent the user use it ? thx in advance.
0 Kudos
Reply
Ajay Agarwal
Frequent Advisor

‎04-25-2006 04:10 PM

‎04-25-2006 04:10 PM

Re: User password

You can customize you PAM to add password integrity checkers, such as pam_passwdqc (available from http://www.openwall.com/passwdqc/) or write your own module. For a list of available PAM modules, see http://www.kernel.org/pub/linux/libs/pam/modules.html. For more information about PAM, see the chapter titled Pluggable Authentication Modules (PAM) in the Official Red Hat Linux Reference Guide.
0 Kudos
Reply
Ajay Agarwal
Frequent Advisor

‎04-25-2006 04:37 PM

‎04-25-2006 04:37 PM

Re: User password

I would also encourage you to check out this link: http://forums1.itrc.hp.com/service/forums/helptips.do?#28 to learn about the point system of this forum.
0 Kudos
Reply
Vitaly Karasik_1
Honored Contributor

‎04-25-2006 11:09 PM

‎04-25-2006 11:09 PM

Re: User password

>I check that the setting you said is >existed in my server , I found that when I >use the simple password , the server will >prompt me the password is too simple ( BAD >PASSWORD: it is too >simplistic/systematic ) but it still allow >me to use this simple password , I think >this only a warning message , could >suggest how can I provent the user use >it ? thx in advance.

run "passwd" as regular user and you'll see that regular user cannot set trivial password.
And for root it's just warning!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.