Hello Everyone,
Thanks for taking the time out to read my message :)
Goal: Have local password policy enforcement to ensure that parties
select password that meet a particular criteria. In this case Minimum of
8 characters, 3 of the 4 character classes, no pets, spouse, mailman's
name etc.
Background Info:
redhat-release-9-3
pam-0.75-48
-- start file --
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
password required /lib/security/$ISA/pam_cracklib.so debug
retry=3 dcredit=-1 \
ucredit=-1 ocredit=-1 lcredit=0 minlen=9
password sufficient /lib/security/$ISA/pam_unix.so nullok
use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
-- end file --
Situation: I found the PAM System administrator's guide it seemed from
the guide that I could meet my goal through manipulation of cracklib
arguments. I found on multiple systems I tried "dcredit=-1 ucredit=-1
ocredit=-1 lcredit=0" in various combinations that as long as the
minimum length was met PAM would accept a password of all lower case
[a-z] characters.
Has anyone run into a similar problem they were able to solve?
Thanks in advance,
JC
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
