LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-08-2008, 11:05 AM   #1
linux-who?
Member
 
Registered: Jul 2005
Location: Florida
Distribution: Red Hat
Posts: 34

Rep: Reputation: 15
How to change password difficulty requirement & expiriation


Hey Everyone,
I have a linux server running RHEL4 update 4. here is my problem: When our users passwords expire (which i feel is happening too frequently) and they are prompted to change their passwords, the minimum requirements are too difficult for the users to create passwords that they can remember and it is causing me headaches gallore. Although i completely understand the importance of password strength and changing passwords often, i have been told by some of my higher-ups to lessen the password strength requirements and make passwords never expire (againts my recommendations to them). How do i enforce this on my server (for all existing users and all future users that we add to the system)?

also, for my knowledge......
how can i increase the time interval for password changing?
Thanks in advance

Last edited by linux-who?; 04-08-2008 at 11:06 AM.
 
Old 04-09-2008, 02:34 AM   #2
camh
Member
 
Registered: Feb 2005
Distribution: Slack/Debian
Posts: 163
Blog Entries: 2

Rep: Reputation: 33
http://www.centos.org/docs/4/pdf/rhel-sg-en.pdf -- check out section 4.3. It should answer your questions.
 
Old 04-09-2008, 07:42 AM   #3
linux-who?
Member
 
Registered: Jul 2005
Location: Florida
Distribution: Red Hat
Posts: 34

Original Poster
Rep: Reputation: 15
Thanks for the reply camh.....

yeah that's what i was afraid of....i really don't want to get into the cruks of playing with PAM.....i was hoping there would be a simple "global" setting that i could change to achieve this.

here is what i did as an alternative....(hopefully this will help someone out in the future):
1) removed password expiratioin for all existing users (UID > 99). Since their passwords will never expire again, i don't have to worry about the interval. i did this with the following shell script:

awk -F\: '$3 > 99 { print "chage -M -1", $1,";" }' /etc/passwd > users2.sh
chmod 777 users2.sh
./users2.sh

2) to address all future users, i will just have to remember to remove expiration from the user properties when i add them into the system
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Get/Change the username & password in a CUSTOM Ubuntu LiveCD tuxhats Ubuntu 0 10-18-2007 09:32 PM
No Sound & System requirement for Mepis 3.3 clickmate123 Linux - Hardware 0 02-25-2005 01:10 AM
How can I change e-mail password(or linux account password) with php in website?? yusuf Programming 1 05-28-2004 09:39 AM
min hardware requirement for routing & firewall Whopper Linux - Hardware 2 10-24-2003 01:51 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:10 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration