LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-13-2008, 12:46 AM   #1
your_shadow03
Senior Member
 
Registered: Jun 2008
Location: Germany
Distribution: Slackware
Posts: 1,461
Blog Entries: 6

Rep: Reputation: 51
Password Restrict.. Password History in RHEL 5.0


I cant see any option setting up Password Restrict or Password History in /etc/login.defs in RHEL 5.0?

Anyone having any idea how to setup that?
 
Old 08-13-2008, 12:49 AM   #2
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 61
See http://www.kernel.org/pub/linux/libs..._cracklib.html
 
Old 08-13-2008, 01:02 AM   #3
your_shadow03
Senior Member
 
Registered: Jun 2008
Location: Germany
Distribution: Slackware
Posts: 1,461
Blog Entries: 6

Original Poster
Rep: Reputation: 51
Thanks for the quick reply.I checked with the same I guess I need those entries in my pam.conf:
Code:
passwd  password required       pam_cracklib.so retry=3
passwd  password required       pam_unix.so use_authtok
For password restrictional entry.

I dont see any option for password history and password complex ?

Last edited by your_shadow03; 08-13-2008 at 01:04 AM.
 
Old 08-13-2008, 01:32 AM   #4
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 61
It is noted as:
Quote:
Already used

Was the password used in the past? Previously used passwords are to be found in /etc/security/opasswd.
but see also: http://www.deer-run.com/~hal/sysadmin/pam_cracklib.html

It works for users, not when root runs passwd user.
 
Old 08-13-2008, 02:55 AM   #5
your_shadow03
Senior Member
 
Registered: Jun 2008
Location: Germany
Distribution: Slackware
Posts: 1,461
Blog Entries: 6

Original Poster
Rep: Reputation: 51
You are Genious Personality I think.
You deserves to be "LINUX GURU".


Thanks the link you sent solves my all queries.

"SMALL NAME(Mr. C) BUT GREAT THOUGHTS"


Thanks

Last edited by your_shadow03; 08-14-2008 at 04:39 AM.
 
Old 08-14-2008, 04:40 AM   #6
your_shadow03
Senior Member
 
Registered: Jun 2008
Location: Germany
Distribution: Slackware
Posts: 1,461
Blog Entries: 6

Original Poster
Rep: Reputation: 51
Wait..
I need more help.I tried making these entries but when I am trying to change the user password as simpe dictionary word its taking without any restriction:

here are the files :

Code:
cat login

#%PAM-1.0

auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so

auth       include      system-auth

account    required     pam_nologin.so

account    include      system-auth

password   include      system-auth

# pam_selinux.so close should be the first session rule

session    required     pam_selinux.so close

session    include      system-auth

session    required     pam_loginuid.so

session    optional     pam_console.so

# pam_selinux.so open should only be followed by sessions to be executed in the user context

session    required     pam_selinux.so open

session    optional     pam_keyinit.so force revoke

 

[root@spitdbrep001 pam.d]# cat system-auth

#%PAM-1.0

# This file is auto-generated.

# User changes will be destroyed the next time authconfig is run.

auth        required      pam_env.so

auth        sufficient    pam_unix.so nullok try_first_pass

auth        requisite     pam_succeed_if.so uid >= 500 quiet

auth        required      pam_deny.so

 

account     required      pam_unix.so

account     sufficient    pam_succeed_if.so uid < 500 quiet

account     required      pam_permit.so

 

password    requisite     pam_cracklib.so  retry=3 minlen=8

password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authok

password    required      pam_deny.so

 

session     optional      pam_keyinit.so revoke

session     required      pam_limits.so

session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid

session     required      pam_unix.so

 

 

[root@spitdbrep001 pam.d]# cat passwd

#%PAM-1.0

auth       include      system-auth

account    include      system-auth

password   include      system-auth

 

password  required pam_cracklib.so minlen=8

lcredit=1 ucredit=1 dcredit=1 ocredit=1

password reqired pam_unix.so use_authok md5 remember=8

Last edited by your_shadow03; 08-14-2008 at 04:41 AM.
 
Old 08-14-2008, 11:33 AM   #7
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 61
Does the dictionary exist (by default in /var/cache/cracklib)?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Password Minimum Requirements RHEL 4 WS 64Bit mccartjd Linux - Newbie 9 05-13-2008 09:54 AM
AD password changes not reflect on RHEL ldap clients koenigjm Linux - General 0 01-25-2008 11:56 AM
installing figaro password manager in rhel 5 xender69 Red Hat 1 12-26-2007 04:02 PM
pam_cracklib password history not working Kyle Harris Linux - Security 1 03-16-2007 12:40 PM
can I set the password history in solaris ooihc Solaris / OpenSolaris 3 09-24-2004 06:25 AM


All times are GMT -5. The time now is 05:49 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration