Helo ,
I m using linux pam library for user and its password authentication.
I m creating new user and giving its password.I m giving password of 10 characters.now when I login in as that newly created user its ask me

$ su - ram
Password:
You are required to change your password immediately (root enforced)
Changing password for ram
(current) UNIX password:
I m giving my current passwd

(new) Password :

I m giving my new passwd of 10 characters.

Now i m log off and again login as that user

Now when I give my password more only first 8 characters then also It allows me to login

how come this happen?

I also observed that it verify the password for first 8 characters.

can you tell me how to overcome this problem.

Regards,
Amit

Check this file:
/etc/pam.d/common-password

Look for:
password required pam_unix.so nullok obscure min=4 max=8 md5

Linux systems have 256 character limit. Also, you can change and/or extend the limit to 10 characters in Unices (I think!).

HTH,


Sorry for all these edits....
Nitin

Hi nitin thx for reply.

I have check thhe entry of file passwd in /etc/pam.d . the entrty for this is:

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth


so how do I change passwd limit

also see my /etc/pam.d/system-auth entry are given bewlo

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so

Sorry buddy for the delayed response. Can you do an ls -l on this dir:
/etc/pam.d
I'm looking for /etc/pam.d/common-password file. Anyhow, I'm guessing that this line in /etc/pam.d/system-auth may be the key:
I'll try to find out more on it.

-Nitin

I think I'm pretty sure that you can set the password limit here, in your /etc/pam.d/login file (you will have to add this line below):

You can change max value to whatever you want. Going through man pages, max is not documented, but the functionality is there. Also, before any changes make sure you backup your files.

-Nitin

Hi Nitin thx for your reply.

/etc/pam.d/passwd file contains following(its passwd file not common-passwd)

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth


#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so




My problem is that suppose create a user and give a 12 character password . It will accept this password.

But when I logg off and again login and now I give first 8 character then only It will accept password. So it menas it validates only first 8 character.

yr help will be highly appreciated.
Regards,
Amit
A