LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   pam_cracklib and pam_unix (http://www.linuxquestions.org/questions/linux-security-4/pam_cracklib-and-pam_unix-912385/)

rosect 11-07-2011 05:20 PM

pam_cracklib and pam_unix
 
On my Fedora14, I need pam_unix to keep password history. However, it seems that pam_cracklib must be included in the /etc/pam.d/system-auth as well. If I comment out pam_cracklib, I can not change password at all. I do not want pam_cracklib because I have my own rules to validate a new password. So, I added these options to pam_cracklib:
password requisite pam_cracklib.so difok=0 difignore=0 lcredit=0 ucredit=0 dcredit=0 ocredit=0 minlen=4

When I try (as an experiment) to use new password "abcd12", system still says "BAD PASSWORD: it is too simplistic/systematic".

Is there a way to "disable" pam_cracklib's validating a password or to configure not to use pam_cracklib with pam_unix?

rosect 11-07-2011 07:14 PM

Solution is to remove "use_authtok" from pam_unix.
 
Thanks.


All times are GMT -5. The time now is 01:30 AM.