Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
08-14-2007, 03:18 AM
|
#1
|
Member
Registered: Nov 2006
Posts: 260
Rep:
|
users password problem
in my institute we are using RHEL 3 as our telnet server and stude are accessing this server from windows using telnet command for their unix classes. they are using "student" userid and "student" password. but few of them changing this password daily.
is it possible to stop or dont permit them to change the password
thanks in advanced
|
|
|
08-14-2007, 06:58 AM
|
#2
|
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733
|
Changing one's password daily is far too frequent. Look at the man pages for login.defs and usermod. The policy is contained in their /etc/passwd entry. You can set it when creating a new user. You can also use usermod to change it. Also look at /usr/bin/system-config-users for the graphical tool.
|
|
|
08-14-2007, 09:00 AM
|
#3
|
Senior Member
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,824
|
@jschiwal: Not what he was asking..
@soumalya: I don't know, but your university should be smacked for using telnet.
|
|
|
08-14-2007, 09:30 AM
|
#4
|
LQ Guru
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,509
|
Following the suggestion from jschival, you can set a minimum number of days between password changes at a very high value (in man login.defs for details).
|
|
|
08-15-2007, 01:47 AM
|
#5
|
Member
Registered: Nov 2006
Posts: 260
Original Poster
Rep:
|
thanks for ur answer. can u give the solution
|
|
|
08-15-2007, 02:04 PM
|
#6
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Try using the fourth field in the /etc/shadow entry. For example:
Code:
win32sux:$1$Nyaxt6pm$oraA4ElPbSzDGeFcGeEYz.:13740:21:99999:7:::
This example shouldn't let user win32sux change his password unless 21 days have passed since the last change.
If he does try to change the password before the 21 days are up, he'd get something like:
Code:
win32sux@candystore:/home/win32sux$ passwd
Changing password for win32sux
(current) UNIX password:
You must wait longer to change your password
passwd: Authentication token manipulation error
passwd: password unchanged
Last edited by win32sux; 08-15-2007 at 02:52 PM.
|
|
|
08-15-2007, 04:48 PM
|
#7
|
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733
|
The easiest way would be to use the graphical tool (/usr/bin/system-config-users). Besides simply changing the length of time that a password is good for, there may be other options you want such as minimum password length and password strength. Typically PAM is used for this and the users configuration is a central place to change all of these options.
|
|
|
08-17-2007, 02:17 AM
|
#8
|
Member
Registered: Dec 2006
Posts: 606
Rep:
|
I have deleted the /etc/shadow. I cannot login afterwards.
I using Fedora 7. I try to disable used of shadow passwords but still cannot login.
Please help me.
Your help is greatly appreciated by me and others.
|
|
|
08-17-2007, 02:27 AM
|
#9
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by Peter_APIIT
I have deleted the /etc/shadow. I cannot login afterwards.
I using Fedora 7. I try to disable used of shadow passwords but still cannot login.
Please help me.
Your help is greatly appreciated by me and others.
|
Please start your own thread instead of hijacking someone else's.
|
|
|
08-18-2007, 12:19 AM
|
#10
|
Member
Registered: Dec 2006
Posts: 606
Rep:
|
Because this thread is almost related to my situation. I hope you can understand me. I not hijacking others thread.
Please help me.
|
|
|
08-18-2007, 03:24 AM
|
#11
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by Peter_APIIT
Because this thread is almost related to my situation. I hope you can understand me. I not hijacking others thread.
Please help me.
|
We will gladly help you with your issue, but it's not going to happen on this thread. You need to start your own thread (doing so in the Linux - Software forum would be more appropriate, BTW). Do not make any further posts in this thread unless they are to contribute toward a solution for the OP.
Last edited by win32sux; 08-18-2007 at 03:38 AM.
|
|
|
08-27-2007, 08:20 AM
|
#12
|
Member
Registered: Nov 2006
Posts: 260
Original Poster
Rep:
|
Hi win32sux
thankx for ur solution, its working.
|
|
|
All times are GMT -5. The time now is 12:02 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|