LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Password policy (http://www.linuxquestions.org/questions/linux-security-4/password-policy-737961/)

vbo 07-06-2009 01:17 AM

Password policy
 
Hi all,

I have Redhat EL 3,4,5 boxes and need to apply the password policy given below:

-Passwords to be changed at 90 days instead of 180
-Password change to be forced by the system
-Password length must be at least 6 characters long
-Last 3 passwords to be remembered by the system and dont let to be used at the password change
-When 6 continuous wrong login attemp made , the system should block that id
-Complexity (Optinional)

So pratically how can i do this all?

Regards

AlucardZero 07-06-2009 08:15 AM

PAM. Specifically, the pam_cracklib and pam_unix lines in /etc/pam.d/system-auth (probably would work in other files as well but that's where mine are).

http://www.kernel.org/pub/linux/libs..._cracklib.html
http://www.redhat.com/docs/manuals/e...tion-pass.html
http://www.google.com (this is a subtle hint that this is an easy and common question whose answer you could find more quickly by searching)

jschiwal 07-06-2009 11:49 PM

Some of the items you mentioned are configured in the /etc/security/login.defs file. In particular, password expiry policy.

You may find this page helpful: http://brandonhutchinson.com/wiki/Linux_Password_Policy

anomie 07-09-2009 05:16 PM

Check out pam_passwdqc(8) - which is noted in the article above - as an alternative to pam_cracklib. I find it to be more straightforward and flexible, and better documented.


All times are GMT -5. The time now is 04:41 PM.