Linux (Unix) password policy issues cause root password cannot be modified

Source: Internet
Author: User
Tags uppercase letter

Linux(Unix) Password policy issues cause RootPassword cannot Modify

Date: £ º 1034 download number of times : 5

The user modified The password configuration file, causing the root account to change the password when the following error is reported :

Login to FC, find the corresponding machine, VNC landing system

2. After logging into the system, enter the password policy configuration directory

A. If it is a Debian, Ubuntu or Linux Mint System, edit vim/etc/Pamd/common-password

The configuration of the password policy must be displayed in the following order:



B. If it is CentOS, Fedora, RHEL system, edit vim/etc/pam. D/system-auth, the configuration of the password policy must be shown in the following order:




3. Disable the use of the old password

Find the line that has both "password" and "Pam_unix.so" fields attached with "remember=5", which means that the 5 passwords that have been used recently (passwords that have been used will be saved in the/etc/security/ OPASSWD below).

Debian, Ubuntu, or Linux Mint Systems:

vim/etc/Pamd/common-password

Password [success=1 default=ignore] Pam_unix.so obscure sha512 remember=5

CentOS, Fedora, RHEL systems:

vim/etc/Pamd/system-Auth

Password sufficient pamunix.so sha512 shadow Nullok tryfirstpass Useauthtok remember=5

4. Set the minimum password length

Find the line that has both "password" and "Pam_cracklib.so" fields attached with "minlen=10", which indicates that the minimum password length is (Ten - type number). The "Number of types" here represents the number of different character types. PAM provides 4 types of symbols as passwords (uppercase, lowercase letters, numbers, and punctuation marks). If your password uses these 4 types of symbols at the same time, and your minlen is set to 10, the shortest password length allowed is 6 characters.

Debian, Ubuntu, or Linux Mint Systems:

vim/etc/Pamd/common-password

Password requisite Pam_cracklib.so retry=3 minlen=10 difok=3

CentOS, Fedora, RHEL systems:

vim/etc/Pamd/system-Auth

Password requisite Pam_cracklib.so retry=3 difok=3 minlen=10

5. Setting the complexity of the password

Find both "password" and "Pam_cracklib.so" fields and Attach "ucredit=-1 lcredit=-2 dcredit=-1 ocredit=-1 "That line, which indicates that the password must contain at least one uppercase letter (ucredit), two lowercase letters (lcredit), a number (Dcredit), and a punctuation mark (ocredit).

Debian, Ubuntu, or Linux Mint Systems:

vim/etc/Pamd/common-password

Password requisite Pam_cracklib.so retry=3 minlen=10 difok=3 ucredit=-1 lcredit=-2 dcredit= -1 ocredit=-1

CentOS, Fedora, RHEL systems:

vim/etc/Pamd/system-Auth

Password requisite Pam_cracklib.so retry=3 difok=3 minlen=10 ucredit=-1 lcredit=-2 dcredit=-1 ocredit=-1

6. Set Password expiration period

Vim/etc/login.defs



Users who are unfamiliar with the password policy are advised not to modify the password policy, and if so, do not mistake the order.

Http://www.linuxidc.com/Linux/2013-05/85204.htm

http://blog.csdn.net/xyz846/article/details/26585399

Https://blog.slogra.com/post-137.html

Linux (Unix) password policy issues cause root password cannot be modified

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.