Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Periodic check of user password strength
Special Forums Cybersecurity Periodic check of user password strength Post 302348971 by tlynnch on Sunday 30th of August 2009 02:48:50 PM
Old 08-30-2009
Periodic check of user password strength
I need to periodically run a check on the passwords of the users (Redhat 5.0) to verify that all passwords meet minimal standards. I remember seeing a script years ago that grabbed the encrypted passwords from the file and checked if they matched any of the encrypted strings in another file, plus it checked to see if they were just guessable variants of the username, etc.

I would like to find a similar script to run periodically on the servers. We have students putting up webservers for research purposes and sometimes they bypass security measures such as directly inserting the "new" password into the shadow file instead of using passwd().
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Password safe encryption strength

I'm not sure if this is the right forum for this or not but we use a program called "Password Safe" to store the many root passwords we have for our Unix system. Now we are being called out by our security team to prove that this is a safe program to use. So far I have been able to determine... (1 Reply)
Discussion started by: keelba
1 Replies

2. UNIX for Advanced & Expert Users

password verification verify password of a user for only first 8 characters

Helo , I m using linux pam library for user and its password authentication. I m creating new user and giving its password.I m giving password of 10 characters.now when I login in as that newly created user its ask me $ su - ram Password: You are required to change your password immediately... (12 Replies)
Discussion started by: amitpansuria
12 Replies

3. Programming

Best way to check for system user and password in C

Hello, I'm implementing a very simple FTP client, and to do the login I would like to check against system users instead of using my own database, so that I can give the proper permissions to the newly created process that I spawn with fork. What's the best way for doing this in C? I've read... (4 Replies)
Discussion started by: royger
4 Replies

4. UNIX for Dummies Questions & Answers

Check password strength

For moderator: I made a new thread in a proper part of the forum now https://www.unix.com/homework-coursework-questions/137119-user-processes.html But now i wan't to make something which isn't related to a homework, so i hope you won't close this one. Thanks to those two answers, you helped me!... (9 Replies)
Discussion started by: petel1
9 Replies

5. AIX

How to find TX and RX strength?

I have an AIX server running 6.1. My SAN switch is reporting that it is only receiving 5.9 uWatts (micro watts) and it should be well over 100 uWatts. How can I see the transmit strength of my fiber card from within AIX? I have Emulex fiber cards. (1 Reply)
Discussion started by: kah00na
1 Replies

6. Programming

Periodic thread with clock_nanosleep

Hi I have a periodic task (with the highest priority) which I away every X nano-second. I am using the function clock_nanosleep with REAL_TIME timer. when I wake up, I versify that I was awake on time, and check if the delta between the last time I get to sleep and the current time is X... (4 Replies)
Discussion started by: laro1983
4 Replies

7. Cybersecurity

Openssl cipher strength

I have read the forums for strengthing the openssl ciphers on a server and the following command I can run: openssl ciphers -v 'TLSv1+HIGH:!SSLv2:RC4!MEDIUM:!aNULL:!eNULL:!3DES:!EXPORT:@STRENGTH' I have some services that cannot be set to higher levels like you can set in an httpd.conf file.... (1 Reply)
Discussion started by: hydrashok158
1 Replies

8. HP-UX

How to check password expiration date of particular user?

Hi Guys, I am new to HP-UX and want to find expiration date of particular user please also note i don't have root access on that server. for e.g. i have user abc on my HP box and want to know when its password going to expire and also when its password changed last time. I also try to... (7 Replies)
Discussion started by: Yasin Rakhangi
7 Replies

LEARN ABOUT DEBIAN

pam_pwhistory

PAM_PWHISTORY(8)						 Linux-PAM Manual						  PAM_PWHISTORY(8)

NAME

       pam_pwhistory - PAM module to remember last passwords

SYNOPSIS

       pam_pwhistory.so [debug] [use_authtok] [enforce_for_root] [remember=N] [retry=N] [authtok_type=STRING]

DESCRIPTION

       This module saves the last passwords for each user in order to force password change history and keep the user from alternating between the
       same password too frequently.

       This module does not work together with kerberos. In general, it does not make much sense to use this module in conjunction with NIS or
       LDAP, since the old passwords are stored on the local machine and are not available on another machine for password history checking.

OPTIONS

       debug
	   Turns on debugging via syslog(3).

       use_authtok
	   When password changing enforce the module to use the new password provided by a previously stacked password module (this is used in the
	   example of the stacking of the pam_cracklib module documented below).

       enforce_for_root
	   If this option is set, the check is enforced for root, too.

       remember=N
	   The last N passwords for each user are saved in /etc/security/opasswd. The default is 10.

       retry=N
	   Prompt user at most N times before returning with error. The default is 1.

       authtok_type=STRING
	   See pam_get_authtok(3) for more details.

MODULE TYPES PROVIDED

       Only the password module type is provided.

RETURN VALUES

       PAM_AUTHTOK_ERR
	   No new password was entered, the user aborted password change or new password couldn't be set.

       PAM_IGNORE
	   Password history was disabled.

       PAM_MAXTRIES
	   Password was rejected too often.

       PAM_USER_UNKNOWN
	   User is not known to system.

EXAMPLES

       An example password section would be:

	   #%PAM-1.0
	   password	required       pam_pwhistory.so
	   password	required       pam_unix.so	  use_authtok

       In combination with pam_cracklib:

	   #%PAM-1.0
	   password	required       pam_cracklib.so	  retry=3
	   password	required       pam_pwhistory.so   use_authtok
	   password	required       pam_unix.so	  use_authtok

FILES

       /etc/security/opasswd
	   File with password history

SEE ALSO

       pam.conf(5), pam.d(5), pam(8) pam_get_authtok(3)

AUTHOR

       pam_pwhistory was written by Thorsten Kukuk <kukuk@thkukuk.de>

Linux-PAM Manual						    06/04/2011							  PAM_PWHISTORY(8)
All times are GMT -4. The time now is 12:48 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy