linux 密碼安全指令碼

標籤：

 1 #!/bin/bash 2 ＃by:[email protected]163.com 3 DIESO=/etc/pam.d 4 PAMSO=$(ls $DIESO/* |awk -F‘/‘ ‘{print $4}‘) 5 NEPAMUN=‘password    sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=5‘ 6 for PAMS in $PAMSO;do 7     if [[ -n $(cat "$DIESO/$PAMS" | grep "shadow" | awk ‘{print $1}‘) ]];then 8         PAMUN=‘‘ 9         PAMUN=$(cat "$DIESO/$PAMS" | grep "shadow" | awk ‘{print $0}‘)10         if [[ -n $(echo $PAMUN | grep "remember" | awk ‘{print $1}‘) ]];then11                 echo "The password remember has been set"12         else13         sed -i "s/$PAMUN/$NEPAMUN/" $DIESO/$PAMS14         fi15     fi16 
17 done

 1 #!/bin/sh 2 #by:[email protected]163.com 3 DIESO=/etc/pam.d 4 PAMSO=$(ls $DIESO/* |awk -F‘/‘ ‘{print $4}‘) 5 NEPAMUN=‘password    sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=5‘ 6 NEWPASSET=‘password    requisite    pam_cracklib.so retry=3 difok=3 minlen=8 ucredit=-1 lcredit=-2 dcredit=-1 ocredit=-1‘ 7 #retry=3 密碼重試次數為3次 8 #difok=3 允許新密碼中有3個字元與舊密碼相同 9 #minlen=8 密碼最小長度為8 注意：對root使用者無效，root下設定其他使用者此參數也無效，使用者自己修改自己的密碼時才有效10 #ucredit=-1 密碼中必須包含一個大寫字母11 #lcredit=-2 密碼中必須包含最少兩個小寫字母12 #dcredit=-1 密碼中必須包含一個數字13 #ocredit=-1 密碼中最少必須包含一個標點符號14 [ -f /lib/security/pam_cracklib.so ] && echo "start config pam_cracklib.so"15 for PAMS in $PAMSO;do16     if [[ -n $(cat "$DIESO/$PAMS" | grep pam_cracklib | awk ‘{print $1}‘) ]];then17     PASSET=‘‘18     PASSET=$(cat "$DIESO/$PAMS" | grep "pam_cracklib.so" | awk ‘{print $0}‘)19     if [[ -n $( echo $PASSET | grep "difok" | awk ‘{print $1}‘) ]];then20         echo "The password complexity rule has been set "21     else22         sed -i "s/${PASSET}/${NEWPASSET}/" $DIESO/$PAMS    23     fi24     fi25     26     27 done

限制ｔｔｙ

#!/bin/shfor t in $(cat /etc/securetty | grep "^tty" | grep -v "tty[1,2]$");do        T=‘‘    T=$t    sed -i "s/$T/#$T/" /etc/securettydone

 

linux 密碼安全指令碼