LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-14-2007, 03:18 AM   #1
soumalya
Member
 
Registered: Nov 2006
Posts: 260

Rep: Reputation: 31
users password problem


in my institute we are using RHEL 3 as our telnet server and stude are accessing this server from windows using telnet command for their unix classes. they are using "student" userid and "student" password. but few of them changing this password daily.

is it possible to stop or dont permit them to change the password


thanks in advanced
 
Old 08-14-2007, 06:58 AM   #2
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682
Changing one's password daily is far too frequent. Look at the man pages for login.defs and usermod. The policy is contained in their /etc/passwd entry. You can set it when creating a new user. You can also use usermod to change it. Also look at /usr/bin/system-config-users for the graphical tool.
 
Old 08-14-2007, 09:00 AM   #3
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,824

Rep: Reputation: 615Reputation: 615Reputation: 615Reputation: 615Reputation: 615Reputation: 615
@jschiwal: Not what he was asking..

@soumalya: I don't know, but your university should be smacked for using telnet.
 
Old 08-14-2007, 09:30 AM   #4
colucix
LQ Guru
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,509

Rep: Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983
Following the suggestion from jschival, you can set a minimum number of days between password changes at a very high value (in man login.defs for details).
 
Old 08-15-2007, 01:47 AM   #5
soumalya
Member
 
Registered: Nov 2006
Posts: 260

Original Poster
Rep: Reputation: 31
thanks for ur answer. can u give the solution
 
Old 08-15-2007, 02:04 PM   #6
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Try using the fourth field in the /etc/shadow entry. For example:
Code:
win32sux:$1$Nyaxt6pm$oraA4ElPbSzDGeFcGeEYz.:13740:21:99999:7:::
This example shouldn't let user win32sux change his password unless 21 days have passed since the last change.

If he does try to change the password before the 21 days are up, he'd get something like:
Code:
win32sux@candystore:/home/win32sux$ passwd
Changing password for win32sux
(current) UNIX password: 
You must wait longer to change your password
passwd: Authentication token manipulation error
passwd: password unchanged

Last edited by win32sux; 08-15-2007 at 02:52 PM.
 
Old 08-15-2007, 04:48 PM   #7
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682
The easiest way would be to use the graphical tool (/usr/bin/system-config-users). Besides simply changing the length of time that a password is good for, there may be other options you want such as minimum password length and password strength. Typically PAM is used for this and the users configuration is a central place to change all of these options.
 
Old 08-17-2007, 02:17 AM   #8
Peter_APIIT
Member
 
Registered: Dec 2006
Posts: 606

Rep: Reputation: 31
Thumbs up

I have deleted the /etc/shadow. I cannot login afterwards.

I using Fedora 7. I try to disable used of shadow passwords but still cannot login.

Please help me.

Your help is greatly appreciated by me and others.
 
Old 08-17-2007, 02:27 AM   #9
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by Peter_APIIT View Post
I have deleted the /etc/shadow. I cannot login afterwards.

I using Fedora 7. I try to disable used of shadow passwords but still cannot login.

Please help me.

Your help is greatly appreciated by me and others.
Please start your own thread instead of hijacking someone else's.
 
Old 08-18-2007, 12:19 AM   #10
Peter_APIIT
Member
 
Registered: Dec 2006
Posts: 606

Rep: Reputation: 31
Because this thread is almost related to my situation. I hope you can understand me. I not hijacking others thread.

Please help me.
 
Old 08-18-2007, 03:24 AM   #11
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by Peter_APIIT View Post
Because this thread is almost related to my situation. I hope you can understand me. I not hijacking others thread.

Please help me.
We will gladly help you with your issue, but it's not going to happen on this thread. You need to start your own thread (doing so in the Linux - Software forum would be more appropriate, BTW). Do not make any further posts in this thread unless they are to contribute toward a solution for the OP.

Last edited by win32sux; 08-18-2007 at 03:38 AM.
 
Old 08-27-2007, 08:20 AM   #12
soumalya
Member
 
Registered: Nov 2006
Posts: 260

Original Poster
Rep: Reputation: 31
Hi win32sux

thankx for ur solution, its working.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Notifying Users of Mandatory Password Changes kaplan71 Fedora 1 12-19-2006 10:51 PM
Sudo password for users, a.k.a. sudoers Micro420 SUSE / openSUSE 2 04-21-2006 10:23 PM
Best way for users to change/recover password psychobyte Linux - Networking 1 01-18-2006 01:58 AM
NO password for users aranes SUSE / openSUSE 3 11-06-2004 06:27 PM
Cant set password for new users ribbones Linux - General 1 09-03-2003 11:56 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:02 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration