Help -- PAM password restrictions don't seem to be working
I set some restrictions in /etc/pam.d/system-auth, but they don't seem to be affecting anything.
/etc/pam.d/passwd: Code:
password required pam_cracklib.so retry=3 minlen=8 Code:
auth required pam_env.so Console: Code:
admin1@box1$ passwd /var/log/secure doesn't seem to show much except for "password changed for user": Code:
Apr 21 22:10:49 passwd[1134]: pam_unix(passwd:chauthtok): username [admin1] obtained Any ideas? |
For your consideration: my comments on pam_cracklib vs. pam_passwdqc.
That said, what OS / version is this? Your /etc/pam.d/passwd config looks odd. On RHEL, for example, by default it should read - Code:
... |
...and adding /usr/share/doc/pam-${VERSION}/txts/README.pam_cracklib to that: minlen=N The minimum acceptable size for the new password (plus one if credits are not disabled which is the default).. So in your case, since credits are not disabled, minlen is actually $[${minlen}+1], right?
|
I put the rules in pam.d/passwd instead of system-auth, and it works as expected. Not sure why it was originally set up like this, but that did the trick.
|
All times are GMT -5. The time now is 08:26 PM. |