LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 04-27-2010, 09:39 AM   #1
ErnieG
LQ Newbie
 
Registered: Jan 2009
Posts: 3

Rep: Reputation: 0
root password complexity enforcement


I'm running RHEL5.x. Does anyone know of a setting or rpm available, to apply all of the password complexity rules, ie min-len, reuse, char-types, etc to the root user? I have the proper settings and for all users except root, these settings are forced. If I change a password as root user, the system complains if I don't meet complexity rules but still accepts the changes. This isn't just for root changing its own password, but root changing any password, such as when running as system administrator
 
Old 04-27-2010, 10:17 AM   #2
choogendyk
Senior Member
 
Registered: Aug 2007
Location: Massachusetts, USA
Distribution: Solaris 9 & 10, Mac OS X, Ubuntu Server
Posts: 1,189

Rep: Reputation: 105Reputation: 105
From a practical point of view, you got the warning and should provide a new password that meets the rules. There is really no difference other than that root has to be trusted and might sometimes have reasons for breaking rules.

The correlary is that you shouldn't give root out to anyone you don't trust. There should be an absolute minimum of people allowed root access, and they should be trusted, reliable and knowledgeable.
 
0 members found this post helpful.
Old 04-27-2010, 03:30 PM   #3
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, Lubuntu, FreeBSD
Posts: 3,930
Blog Entries: 5

Rep: Reputation: Disabled
pam_passwdqc(8)

Use the enforce=everyone directive.
 
1 members found this post helpful.
Old 05-05-2010, 07:45 AM   #4
ErnieG
LQ Newbie
 
Registered: Jan 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Directive did the trick

Thanks,

This directive in /etc/pam.d/passwd did the trick. When impemented, it caused the complexity rules to be enforced for root.

enforce=everyone directive
 
  


Reply

Tags
passwords


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
password complexity with pam_passwdqc.so VMSlives Linux - Security 4 03-30-2009 04:19 PM
Password Complexity Rules zok Linux - Security 1 04-17-2007 05:34 PM
password complexity pasupuleti Linux - Security 18 09-24-2006 02:07 PM
password complexity moinpasha Linux - Security 11 09-13-2006 11:53 PM
password complexity moinpasha Programming 1 09-12-2006 06:24 AM


All times are GMT -5. The time now is 01:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration