Hello,
I have another problem, and this problem seems serious. I cannot change the
password.
pc1:~ $ passwd
Changing password for user prueba.
Changing password for prueba
(current) UNIX password:
New password:
Retype new password:
Password has been already used. Choose another.
Password has been already used. Choose another.
Password has been already used. Choose another.
passwd: Authentication token manipulation error
pc1:~ $
The log shows:
Jul 25 13:04:07 pc1 passwd(pam_unix)[13170]: new password not acceptable
ideas for me?
thanks,
rozio
---------- Mensaje reenviado ----------
Subject: Re: restrict passwords
Date: Fri, 25 Jul 2003 14:07:19 +0200
From: Rocio Alfonso Pita <rozio@xxxxxxxxxxxxxxxxxxxx>
To: pam-list@xxxxxxxxxx, Andrew Shewmaker <shewa@xxxxxxxx>
hello,
Thanks for this good information. I probe it and I have a little problem: I
cannot lock the user account.
Log shows:
Jul 25 12:43:07 pc1 login(pam_unix)[13002]: 3 more authentication failures;
logname= uid=0 euid=0 tty=tty4 ruser= rhost= user=prueba
Jul 25 12:43:07 pc1 login(pam_unix)[13002]: service(login) ignoring max
retries; 4 > 3
Jul 25 12:43:11 pc1 login(pam_unix)[13003]: session opened for user prueba by
(uid=0)
I write a wrong password 3 times, and after I can enter in my account. Why?
My /etc/pam.d/system-auth is now:
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
account required /lib/security/pam_tally.so deny=3 no_magic_root
reset
password required /lib/security/pam_cracklib.so retry=3 type= difok=2
minlen=7
password sufficient /lib/security/pam_unix.so nullok use_authtok md5
shadow remember=3
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
thanks and regards,
rozio
El Lun 21 Jul 2003 15:48, Andrew Shewmaker ha dicho:
> Rocio Alfonso Pita wrote:
> > Hello,
> >
> > I want to configure the users passwords so:
> >
> > - minimum ttl for password
> > - maximum ttl for password
> > - maximum repeat 2 characters
> > - user cannot repeat the 2 lastest passwords.
> > - if user fail his password for 3 times, lock his account.
> >
> > The minimum and maximum ttl I can to configure with "passwd" or in
> > /etc/logins.defs.
>
> I found this site very helpful when I was setting up something
> similar to you.
>
> http://www.puschitz.com/Security.shtml
>
> -Andrew
--
Este correo electrónico y los documentos que lo acompañan pueden contener
información reservada y/o confidencial, dirigida exclusivamente al uso del
destinatario. Si Vd. no es el destinatario, no está autorizado a copiar o
distribuir esta comunicación a ninguna otra persona. Si ha recibido este
correo electrónico por error, le rogamos nos lo devuelva y lo elimine de su
sistema. Gracias.
_____________________________________
Rocío Alfonso Pita
Dpto. Sistemas
Universal Support S.A.U.
Tlf: +34 981 779 140 ext. 6209
Fax: +34 981 779 141
_____________________________________
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
