Managing aix password policies

Source: Internet
Author: User

Manage the password policy of aix. The following table lists common parameters for storing/etc/security/user in aix. account_locked defines whether the account is locked. locked accounts can not be used for login. possible values: true or false. determines whether the account is locked. The locked account cannot be logged on. It can be set to true or false2.admin defines the administrative status of the user. possible values: true or false. defines the user's management status, which can be set to true or false3.admgroups lists the groups that the user administrates. list user groups 4. auth1 defines the main authentication methods for users. Users can log on through the command line, telnet, remote logon, and su switchover. Possible values: (1) system normal authentication (2) none Not authenticated (3) token; username in/etc/security/login. name Defined by cfg 5. daemon defines whether the user can execute the system resource controller (src) system resource controller. The value may be true or false6.default _ role. 7. dictionlist defines the user password dictionary when detecting a new password. For example,/usr/share/dict/words8.expires defines the expiration time of the user account. 0 indicates that it does not expire. 9. histexpires defines how long the user's password can be re-used (that is, set to the same password interval), 0 indicates no limit 10. histsize defines that the new password cannot be the same as the previous one. The value 0-50 11.login indicates whether the user can log on locally. The value true or false12.logintimes indicates the time period during which the user logs on. the number of times the loginretries account is locked due to an incorrect password. 0 indicates no restriction. 14. The maxage password is available in weeks. 0 indicates no restriction. 15. how long does maxexpired password expire after maxage? 16. the number of repeated characters in the maxrepeats password 17. minage Minimum Password Change Time 18. the minalpha password must contain at least 19 letters. the mindiff new password and the password must contain at least 20 characters. the minimum length of the minlen password is 21. minother password contains at least 22 special characters. whether remote login is allowed for rlogin, true or false23.su: whether to allow the switch from su to this account 24. umask: the default user umask 25. how long before the pwdwarntime password expires, prompting you to change the password. Example: account_locked = true locked account admin = false System Administrator dictionlist =/usr/share/dict/words data dictionary file histexpire = 0 Password reuse cycle (0 weeks, indicating unlimited) histsize = 1 cannot use the previous password login = false do not allow local login loginretries = 3 password retry 3 after locking maxage = 12 password available cycle (12 weeks) maxexpired = 2 the password must be changed within 2 weeks after the use cycle maxrepeats = 0 allow characters to repeatedly appear in the password minage = 0 password cannot change the cycle (0 weeks, indicating unlimited) minalpha = 6 the password must contain 6 letters mindiff = 2 the password must contain at least 2 characters different from the old password minlen = 8 the password must not be less than 8 characters minother = 2 the password must contain 2 non-letter characters pwdwarntime = 10 prompt to Change Password rlogin = true 10 days before the use cycle is reached allow remote login su = true allow other users to switch to the user umask = 027 default file permission is 750 sugroups = system allows users in the "system" group to switch to the root user: define "root" user configuration admin = true system administrator login = true allow local login rlogin = false Disable remote login account_locked = false enable account

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.