FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Red Hat Linux

 
 
LinkBack Thread Tools
 
Old 06-30-2008, 04:46 PM
"Chet Nichols III"
 
Default Password Complexity in Linux

The useradd command will let you tune password expiration times per user..
but for creating complex passwords, you could always create your own
modified passwd tool that users have to use to enforce your complexity.
As for having the last 4 passwords not used, I'd probably end up creating a
database of some sort that my custom passwd tool would tap into.

There are probably solutions/built-in's already that take care of this, but
that'd be my first thought (I usually think about what I'd do before
searching for already existing solutions).

I'm interested to hear what other people use/would use to handle this

Chet

On Mon, Jun 30, 2008 at 12:19 PM, karthik keyan <karthik_arnold1@yahoo.com>
wrote:

> Hi All
>
> I would like to setup passwd complexity on our Linux servers .
>
> Min 8 characters - 1 upper , 1 digit and 1 Lower character
>
> Last used 4 passwords should not be used
>
> And also i want to set Passwd expiry for user accounts which are already
> created and These passwd complexity should apply to users which has alreay
> been created .
>
> I Need your valuable help and advice
>
> Thanks & Regards
> Karthik
>
>
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@redhat.com?subjectunsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>



--
----------------------------------------
chet nichols III
chet.nichols@gmail.com
aim: chet / twitter: chet
http://chetnichols.org
----------------------------------------
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 06-30-2008, 04:55 PM
Kristoffer Knigga
 
Default Password Complexity in Linux

I have this in my /etc/pam.d/system-auth:

password requisite /lib/security/$ISA/pam_cracklib.so retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 retry=3

That requires one upper, one lower, one digit, and a minimum of 8 characters.

I'm not sure how to remember the last X passwords.

Kris



-----Original Message-----
From: redhat-list-bounces@redhat.com [mailto:redhat-list-bounces@redhat.com] On Behalf Of karthik keyan
Sent: Monday, June 30, 2008 11:20 AM
To: redhat-list@redhat.com
Subject: Password Complexity in Linux

Hi All

I would like to setup passwd complexity on our Linux servers .

Min 8 characters - 1 upper , 1 digit and 1 Lower character

Last used 4 passwords should not be used

And also i want to set Passwd expiry for user accounts which are already created and These passwd complexity should apply to users which has alreay been created .

I Need your valuable help and advice

Thanks & Regards
Karthik




--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

__________________________________________________ ____________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
__________________________________________________ ____________________

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 06-30-2008, 05:01 PM
Wayne Betts
 
Default Password Complexity in Linux

I replace cracklib with passwdqc in my pam.d system-auth. This allows
simple rules that would match the OP's needs for complexity. (Though
the cracklib docs seem to indicate it can do these things too, I have
not gotten it to work.) I use the "remember=X" option for pam_unix to
remember "X" previous password hashes in /etc/security/opasswd.


If you have the pam_passwdqc package installed, then use the man page
for pam_passwdqc to see how to configure it.




Chet Nichols III wrote:

The useradd command will let you tune password expiration times per user..
but for creating complex passwords, you could always create your own
modified passwd tool that users have to use to enforce your complexity.
As for having the last 4 passwords not used, I'd probably end up creating a
database of some sort that my custom passwd tool would tap into.

There are probably solutions/built-in's already that take care of this, but
that'd be my first thought (I usually think about what I'd do before
searching for already existing solutions).

I'm interested to hear what other people use/would use to handle this

Chet

On Mon, Jun 30, 2008 at 12:19 PM, karthik keyan <karthik_arnold1@yahoo.com>
wrote:


Hi All

I would like to setup passwd complexity on our Linux servers .

Min 8 characters - 1 upper , 1 digit and 1 Lower character

Last used 4 passwords should not be used

And also i want to set Passwd expiry for user accounts which are already
created and These passwd complexity should apply to users which has alreay
been created .

I Need your valuable help and advice

Thanks & Regards
Karthik




--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subjectunsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list







--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 06-30-2008, 05:02 PM
Harry Hoffman
 
Default Password Complexity in Linux

check out the man page for pam_cracklib

Cheers,
Harry


On Mon, 2008-06-30 at 12:46 -0400, Chet Nichols III wrote:
> The useradd command will let you tune password expiration times per user..
> but for creating complex passwords, you could always create your own
> modified passwd tool that users have to use to enforce your complexity.
> As for having the last 4 passwords not used, I'd probably end up creating a
> database of some sort that my custom passwd tool would tap into.
>
> There are probably solutions/built-in's already that take care of this, but
> that'd be my first thought (I usually think about what I'd do before
> searching for already existing solutions).
>
> I'm interested to hear what other people use/would use to handle this
>
> Chet
>
> On Mon, Jun 30, 2008 at 12:19 PM, karthik keyan <karthik_arnold1@yahoo.com>
> wrote:
>
> > Hi All
> >
> > I would like to setup passwd complexity on our Linux servers .
> >
> > Min 8 characters - 1 upper , 1 digit and 1 Lower character
> >
> > Last used 4 passwords should not be used
> >
> > And also i want to set Passwd expiry for user accounts which are already
> > created and These passwd complexity should apply to users which has alreay
> > been created .
> >
> > I Need your valuable help and advice
> >
> > Thanks & Regards
> > Karthik
> >
> >
> >
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request@redhat.com?subjectunsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
>
>
>
> --
> ----------------------------------------
> chet nichols III
> chet.nichols@gmail.com
> aim: chet / twitter: chet
> http://chetnichols.org
> ----------------------------------------

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 06-30-2008, 05:05 PM
"Chet Nichols III"
 
Default Password Complexity in Linux

sweet. see.. i was figuring there was already something out there :okes
karthik::
On Mon, Jun 30, 2008 at 1:01 PM, Wayne Betts <wbetts@bnl.gov> wrote:

> I replace cracklib with passwdqc in my pam.d system-auth. This allows
> simple rules that would match the OP's needs for complexity. (Though the
> cracklib docs seem to indicate it can do these things too, I have not gotten
> it to work.) I use the "remember=X" option for pam_unix to remember "X"
> previous password hashes in /etc/security/opasswd.
>
> If you have the pam_passwdqc package installed, then use the man page for
> pam_passwdqc to see how to configure it.
>
>
>
>
> Chet Nichols III wrote:
>
>> The useradd command will let you tune password expiration times per user..
>> but for creating complex passwords, you could always create your own
>> modified passwd tool that users have to use to enforce your complexity.
>> As for having the last 4 passwords not used, I'd probably end up creating
>> a
>> database of some sort that my custom passwd tool would tap into.
>>
>> There are probably solutions/built-in's already that take care of this,
>> but
>> that'd be my first thought (I usually think about what I'd do before
>> searching for already existing solutions).
>>
>> I'm interested to hear what other people use/would use to handle this
>>
>> Chet
>>
>> On Mon, Jun 30, 2008 at 12:19 PM, karthik keyan <
>> karthik_arnold1@yahoo.com>
>> wrote:
>>
>> Hi All
>>>
>>> I would like to setup passwd complexity on our Linux servers .
>>>
>>> Min 8 characters - 1 upper , 1 digit and 1 Lower character
>>>
>>> Last used 4 passwords should not be used
>>>
>>> And also i want to set Passwd expiry for user accounts which are already
>>> created and These passwd complexity should apply to users which has
>>> alreay
>>> been created .
>>>
>>> I Need your valuable help and advice
>>>
>>> Thanks & Regards
>>> Karthik
>>>
>>>
>>>
>>>
>>> --
>>> redhat-list mailing list
>>> unsubscribe mailto:redhat-list-request@redhat.com?subjectunsubscribe
>>> https://www.redhat.com/mailman/listinfo/redhat-list
>>>
>>>
>>
>>
>>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
>
> https://www.redhat.com/mailman/listinfo/redhat-list
>



--
----------------------------------------
chet nichols III
chet.nichols@gmail.com
aim: chet / twitter: chet
http://chetnichols.org
----------------------------------------
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 

Thread Tools




All times are GMT. The time now is 02:33 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org