Quote:
Originally Posted by bluephoric
Hello, I am new to Linux and need some help with setting password paramenters.
|
If you're new to Linux did you start reading this distributions user, admin and security documentation? Because if you didn't that would be very inefficient. Please see
https://access.redhat.com/documentat...erprise_Linux/ and
http://wiki.centos.org/Documentation
Quote:
Originally Posted by bluephoric
All our servers run CentOS.
|
Do these by any chance include any "inherited" ones? ;-p
'cd /usr/share/doc/pam-*/txts || exit 1;'
'ls -al /etc/pam.d;'
Quote:
Originally Posted by bluephoric
Invalid attempts – not set to lock out after 6 invalid attempts
|
README.pam_tally* ?
Quote:
Originally Posted by bluephoric
Lockout duration – not set to at least 30 minutes or until an administrator enables the user ID.
|
README.pam_faillock?
Quote:
Originally Posted by bluephoric
Minimum password length – set to 5; needs to be set to at least 7. Complexity has not been set.
|
README.pam_unix, README.pam_cracklib and 'man pam_passwdqc'?
Quote:
Originally Posted by bluephoric
Password Age – not set. Needs to be at least once every 90 days.
|
'man chage'?
Quote:
Originally Posted by bluephoric
Password History – not set.
|
README.pam_unix and or README.pam_pwhistory?