LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-17-2007, 03:50 PM   #1
zok
Member
 
Registered: Sep 2006
Posts: 42

Rep: Reputation: 15
Password Complexity Rules


I'm trying to figure out what password complexity rules some of our Linux AS3 and AS4 machines have -- what's the minimum length, what characters are required, what strings are prohibitted, etc. Also, how we would go about changing some of these rules. Actually, I've learned that pam_cracklib is what's handling this on our systems and that this can be configured in /etc/pam.d/system-auth on Redhat machines. What I'm trying to determine is what default minimum rules are used if nothing else is configured. For example, on one of our machines the relevant lines in system-auth are:

password required /lib/security/$ISA/pam_cracklib.so retry=3 type=
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so

Since there isn't much configured here (other than the number of retries for setting a new password being 3) I'm wondering what minimum/default rules are being used, since I do know that it forces a certain level of complexity when setting passwords. I just don't know how to find out what the rules are.

Thanks.
 
Old 04-17-2007, 04:34 PM   #2
zok
Member
 
Registered: Sep 2006
Posts: 42

Original Poster
Rep: Reputation: 15
Found the answers here in case anyone's looking in the future (the pam_cracklib man page):

http://www.die.net/doc/linux/man/man...racklib.8.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
password complexity pasupuleti Linux - Security 18 09-24-2006 01:07 PM
password complexity moinpasha Linux - Security 11 09-13-2006 10:53 PM
password complexity moinpasha Programming 1 09-12-2006 05:24 AM
Setting password complexity Harry Seldon Linux - General 1 08-04-2006 02:33 PM
Linux PAM minimum password and complexity reemo73 Linux - Software 3 06-01-2005 03:22 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:59 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration