root password complexity enforcement
I'm running RHEL5.x. Does anyone know of a setting or rpm available, to apply all of the password complexity rules, ie min-len, reuse, char-types, etc to the root user? I have the proper settings and for all users except root, these settings are forced. If I change a password as root user, the system complains if I don't meet complexity rules but still accepts the changes. This isn't just for root changing its own password, but root changing any password, such as when running as system administrator
|
From a practical point of view, you got the warning and should provide a new password that meets the rules. There is really no difference other than that root has to be trusted and might sometimes have reasons for breaking rules.
The correlary is that you shouldn't give root out to anyone you don't trust. There should be an absolute minimum of people allowed root access, and they should be trusted, reliable and knowledgeable. |
|
Directive did the trick
Thanks,
This directive in /etc/pam.d/passwd did the trick. When impemented, it caused the complexity rules to be enforced for root. enforce=everyone directive |
All times are GMT -5. The time now is 06:18 PM. |