I replace cracklib with passwdqc in my pam.d system-auth. This allows
simple rules that would match the OP's needs for complexity. (Though
the cracklib docs seem to indicate it can do these things too, I have
not gotten it to work.) I use the "remember=X" option for pam_unix to
remember "X" previous password hashes in /etc/security/opasswd.
If you have the pam_passwdqc package installed, then use the man page
for pam_passwdqc to see how to configure it.
Chet Nichols III wrote:
The useradd command will let you tune password expiration times per user..
but for creating complex passwords, you could always create your own
modified passwd tool that users have to use to enforce your complexity.
As for having the last 4 passwords not used, I'd probably end up creating a
database of some sort that my custom passwd tool would tap into.
There are probably solutions/built-in's already that take care of this, but
that'd be my first thought (I usually think about what I'd do before
searching for already existing solutions).
I'm interested to hear what other people use/would use to handle this :D
Chet
On Mon, Jun 30, 2008 at 12:19 PM, karthik keyan <karthik_arnold1@xxxxxxxxx>
wrote:
Hi All
I would like to setup passwd complexity on our Linux servers .
Min 8 characters - 1 upper , 1 digit and 1 Lower character
Last used 4 passwords should not be used
And also i want to set Passwd expiry for user accounts which are already
created and These passwd complexity should apply to users which has alreay
been created .
I Need your valuable help and advice
Thanks & Regards
Karthik
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subjectunsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
