Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 07-06-2009, 02:17 AM   #1
Registered: Jan 2006
Location: Turkey
Distribution: Pardus,Fedora,Suse,Many livedistros
Posts: 36

Rep: Reputation: 15
Password policy

Hi all,

I have Redhat EL 3,4,5 boxes and need to apply the password policy given below:

-Passwords to be changed at 90 days instead of 180
-Password change to be forced by the system
-Password length must be at least 6 characters long
-Last 3 passwords to be remembered by the system and dont let to be used at the password change
-When 6 continuous wrong login attemp made , the system should block that id
-Complexity (Optinional)

So pratically how can i do this all?

Old 07-06-2009, 09:15 AM   #2
Senior Member
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,701

Rep: Reputation: 566Reputation: 566Reputation: 566Reputation: 566Reputation: 566Reputation: 566
PAM. Specifically, the pam_cracklib and pam_unix lines in /etc/pam.d/system-auth (probably would work in other files as well but that's where mine are). (this is a subtle hint that this is an easy and common question whose answer you could find more quickly by searching)

Last edited by AlucardZero; 07-06-2009 at 09:17 AM.
Old 07-07-2009, 12:49 AM   #3
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 658Reputation: 658Reputation: 658Reputation: 658Reputation: 658Reputation: 658
Some of the items you mentioned are configured in the /etc/security/login.defs file. In particular, password expiry policy.

You may find this page helpful:
Old 07-09-2009, 06:16 PM   #4
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Check out pam_passwdqc(8) - which is noted in the article above - as an alternative to pam_cracklib. I find it to be more straightforward and flexible, and better documented.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
password policy Nick Pontelando Linux - Security 9 08-15-2012 10:50 AM
How to set the password policy and lockout policy bin_shell Linux - Security 4 03-24-2010 04:30 PM
Password Policy jagnikam Linux - Security 1 08-22-2008 03:47 PM
Password policy sunhui Linux - Software 2 05-12-2006 04:19 AM
password policy ust Linux - Software 0 12-05-2005 01:44 AM

All times are GMT -5. The time now is 09:55 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration