Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: password complexity check
Operating Systems Solaris password complexity check Post 302087045 by pressy on Tuesday 29th of August 2006 01:30:09 PM
Old 08-29-2006
look into your /etc/default/passwd, there you will find these things...

Code:
# more /etc/default/passwd

#ident  "@(#)passwd.dfl 1.7     04/04/22 SMI"
#
# Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
MAXWEEKS=
MINWEEKS=
PASSLENGTH=6

# NAMECHECK enables/disables login name checking.
# The default is to do login name checking.
# Specifying a value of "NO" will disable login name checking.
#
#NAMECHECK=NO

# HISTORY sets the number of prior password changes to keep and
# check for a user when changing passwords.  Setting the HISTORY
# value to zero (0), or removing/commenting out the flag will
# cause all users' prior password history to be discarded at the
# next password change by any user.  No password history will
# be checked if the flag is not present or has zero value.
# The maximum value of HISTORY is 26.
#
# This flag is only enforced for user accounts defined in the
# local passwd(4)/shadow(4) files.
#
#HISTORY=0
#
# Password complexity tunables.  The values listed are the defaults
# which are compatible with previous releases of passwd.
# See passwd(1) and pam_authtok_check(5) for use warnings and
# discussion of the use of these options.
#
#MINDIFF=3
#MINALPHA=2
#MINNONALPHA=1
#MINUPPER=0
#MINLOWER=0
#MAXREPEATS=0
#MINSPECIAL=0
#MINDIGIT=0
#WHITESPACE=YES
#
#
# passwd performs dictionary lookups if DICTIONLIST or DICTIONDBDIR
# is defined. If the password database does not yet exist, it is
# created by passwd. See passwd(1), pam_authtok_check(5) and
# mkdict(1) for more information.
#
#DICTIONLIST=
#DICTIONDBDIR=/var/passwd

regards pressy
 

10 More Discussions You Might Find Interesting

1. Programming

check root password

hai Friends How can i check the root password of a linux system using a c program or with some shell script... I have seen many tools like webmin that authenticates the user using the root password... How do they do that... Pls help... Thanks in advance Collins (1 Reply)
Discussion started by: collins
1 Replies

2. UNIX for Dummies Questions & Answers

password check

Hi While using Pipe concept ,if a user enters a "login name" and "paswword" ,then how does a child process check for user password is correct or not and give notification to parent process. (1 Reply)
Discussion started by: riya
1 Replies

3. Shell Programming and Scripting

Check password age

Hi Guys, I hope one of you has already done this and is kind enough to share your script with me. I have a Solaris8 server that uses password aging for its local user accounts. I need a script that checks the age of the password and then sends the user an email if the password is about to... (3 Replies)
Discussion started by: Tornado
3 Replies

4. AIX

How to check password expiry in AIX?

Hi All, Could anyone please help me with the command or script for checking the password expiry for a particular userid on AIX. Regards, Sanjay...:) (5 Replies)
Discussion started by: SanjayPasum
5 Replies

5. Shell Programming and Scripting

How can I check that a password is correct?

Hi there, There's something I don't understand. The same string does not give the same md5 hash everytime. I wanted to find a way to check someone's password but the following script obviously shows that it's not possible that way : ks354286:~# user=foo ks354286:~# pw=$(mkpasswd -H md5... (3 Replies)
Discussion started by: chebarbudo
3 Replies

6. UNIX for Dummies Questions & Answers

Check password strength

For moderator: I made a new thread in a proper part of the forum now https://www.unix.com/homework-coursework-questions/137119-user-processes.html But now i wan't to make something which isn't related to a homework, so i hope you won't close this one. Thanks to those two answers, you helped me!... (9 Replies)
Discussion started by: petel1
9 Replies

7. Solaris

Check when password expires

How do I check to see when a password expires on a user account with using the CLI? (1 Reply)
Discussion started by: jastanle84
1 Replies

8. Shell Programming and Scripting

how to check for valid password

I need to check if an account has a valid password. Would something like this work? read ACCNAME if grep -q "^$ACCNAME:\$6:" /etc/shadow; thenI noticed every entry in my shadow file that has a password starts with $6 ... it works for my current setup, but would it always work? I can't test... (4 Replies)
Discussion started by: ADay2Long
4 Replies

9. SuSE

Setting password complexity

Hi, I am setting password complexity in SLES 11. I am able to do most of things pam-config -d --pwcheck pam-config -a --cracklib pam-config -a --cracklib-minlen=8 pam-config -a --cracklib-dcredit=-1 pam-config -a --cracklib-ocredit=-1 pam-config -a --pwhistory pam-config -a... (1 Reply)
Discussion started by: solaris_1977
1 Replies

10. Solaris

Solaris 10 - password complexity not working

I have been trying to enable password complexity variables on Solaris 10 by editing the /etc/default/passwd file but none of my changes are taking effect (I'm still able to set passwords that violate the rules I am trying to implement). I've tried an O/S reboot after the changes but that had no... (6 Replies)
Discussion started by: triggerhippie
6 Replies

LEARN ABOUT LINUX

pam_pwhistory

PAM_PWHISTORY(8)						 Linux-PAM Manual						  PAM_PWHISTORY(8)

NAME

       pam_pwhistory - PAM module to remember last passwords

SYNOPSIS

       pam_pwhistory.so [debug] [use_authtok] [enforce_for_root] [remember=N] [retry=N] [authtok_type=STRING]

DESCRIPTION

       This module saves the last passwords for each user in order to force password change history and keep the user from alternating between the
       same password too frequently.

       This module does not work together with kerberos. In general, it does not make much sense to use this module in conjunction with NIS or
       LDAP, since the old passwords are stored on the local machine and are not available on another machine for password history checking.

OPTIONS

       debug
	   Turns on debugging via syslog(3).

       use_authtok
	   When password changing enforce the module to use the new password provided by a previously stacked password module (this is used in the
	   example of the stacking of the pam_cracklib module documented below).

       enforce_for_root
	   If this option is set, the check is enforced for root, too.

       remember=N
	   The last N passwords for each user are saved in /etc/security/opasswd. The default is 10.

       retry=N
	   Prompt user at most N times before returning with error. The default is 1.

       authtok_type=STRING
	   See pam_get_authtok(3) for more details.

MODULE TYPES PROVIDED

       Only the password module type is provided.

RETURN VALUES

       PAM_AUTHTOK_ERR
	   No new password was entered, the user aborted password change or new password couldn't be set.

       PAM_IGNORE
	   Password history was disabled.

       PAM_MAXTRIES
	   Password was rejected too often.

       PAM_USER_UNKNOWN
	   User is not known to system.

EXAMPLES

       An example password section would be:

	   #%PAM-1.0
	   password	required       pam_pwhistory.so
	   password	required       pam_unix.so	  use_authtok

       In combination with pam_cracklib:

	   #%PAM-1.0
	   password	required       pam_cracklib.so	  retry=3
	   password	required       pam_pwhistory.so   use_authtok
	   password	required       pam_unix.so	  use_authtok

FILES

       /etc/security/opasswd
	   File with password history

SEE ALSO

       pam.conf(5), pam.d(5), pam(8) pam_get_authtok(3)

AUTHOR

       pam_pwhistory was written by Thorsten Kukuk <kukuk@thkukuk.de>

Linux-PAM Manual						    06/04/2011							  PAM_PWHISTORY(8)
All times are GMT -4. The time now is 07:45 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy