-   Linux - Security (
-   -   Password policy (

vbo 07-06-2009 01:17 AM

Password policy
Hi all,

I have Redhat EL 3,4,5 boxes and need to apply the password policy given below:

-Passwords to be changed at 90 days instead of 180
-Password change to be forced by the system
-Password length must be at least 6 characters long
-Last 3 passwords to be remembered by the system and dont let to be used at the password change
-When 6 continuous wrong login attemp made , the system should block that id
-Complexity (Optinional)

So pratically how can i do this all?


AlucardZero 07-06-2009 08:15 AM

PAM. Specifically, the pam_cracklib and pam_unix lines in /etc/pam.d/system-auth (probably would work in other files as well but that's where mine are). (this is a subtle hint that this is an easy and common question whose answer you could find more quickly by searching)

jschiwal 07-06-2009 11:49 PM

Some of the items you mentioned are configured in the /etc/security/login.defs file. In particular, password expiry policy.

You may find this page helpful:

anomie 07-09-2009 05:16 PM

Check out pam_passwdqc(8) - which is noted in the article above - as an alternative to pam_cracklib. I find it to be more straightforward and flexible, and better documented.

All times are GMT -5. The time now is 07:19 PM.