Hey Everyone,
I have a linux server running RHEL4 update 4. here is my problem: When our users passwords expire (which i feel is happening too frequently) and they are prompted to change their passwords, the minimum requirements are too difficult for the users to create passwords that they can remember and it is causing me headaches gallore. Although i completely understand the importance of password strength and changing passwords often, i have been told by some of my higher-ups to lessen the password strength requirements and make passwords never expire (againts my recommendations to them). How do i enforce this on my server (for all existing users and all future users that we add to the system)?

also, for my knowledge......
how can i increase the time interval for password changing?
Thanks in advance

http://www.centos.org/docs/4/pdf/rhel-sg-en.pdf -- check out section 4.3. It should answer your questions.

Thanks for the reply camh.....

yeah that's what i was afraid of....i really don't want to get into the cruks of playing with PAM.....i was hoping there would be a simple "global" setting that i could change to achieve this.

here is what i did as an alternative....(hopefully this will help someone out in the future):
1) removed password expiratioin for all existing users (UID > 99). Since their passwords will never expire again, i don't have to worry about the interval. i did this with the following shell script:

awk -F\: '$3 > 99 { print "chage -M -1", $1,";" }' /etc/passwd > users2.sh
chmod 777 users2.sh
./users2.sh

2) to address all future users, i will just have to remember to remove expiration from the user properties when i add them into the system