Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Passphrase Complexity
Top Forums UNIX for Advanced & Expert Users Passphrase Complexity Post 302497068 by reddyr on Wednesday 16th of February 2011 08:58:40 AM
Old 02-16-2011
Thank you jim for the reply.

I know its optional and need to be kept null for passwordless ssh. But our company security policies force IT team to set it. Now we need to set minimum requirements for this passphrase as 8 char length.

regards,
reddy
 

3 More Discussions You Might Find Interesting

1. Solaris

password complexity check

Hi, I am looking for a simple way to : - force the user to change his password following the first connexion - check the complexity of a password (password should has a least 8 characters with 1 special char and 1 alpha...). Thinks for your help (1 Reply)
Discussion started by: dbsora
1 Replies

2. Cybersecurity

Computational complexity

This is a general question about the practical use of computational complexity in security. Wikipedia has a good article about the theoretical background of computational complexity. In the course of conversation with colleagues, a topic that is brought up occassionally is the security of any... (2 Replies)
Discussion started by: gratuitous_arp
2 Replies

3. SuSE

Setting password complexity

Hi, I am setting password complexity in SLES 11. I am able to do most of things pam-config -d --pwcheck pam-config -a --cracklib pam-config -a --cracklib-minlen=8 pam-config -a --cracklib-dcredit=-1 pam-config -a --cracklib-ocredit=-1 pam-config -a --pwhistory pam-config -a... (1 Reply)
Discussion started by: solaris_1977
1 Replies

LEARN ABOUT OPENSOLARIS

ssh-add

ssh-add(1)							   User Commands							ssh-add(1)

NAME

       ssh-add - add RSA or DSA identities to the authentication agent

SYNOPSIS

       ssh-add [-lLdDxX] [-t life] [ file ]...

DESCRIPTION

       The  ssh-add  utility  adds RSA or DSA identities to the authentication agent, ssh-agent(1). When run without arguments, it attempts to add
       all of the files $HOME/.ssh/identity (RSA v1), $HOME/.ssh/id_rsa (RSA v2), and $HOME/.ssh/id_dsa (DSA v2) that exist. If more than  one	of
       the  private  keys  exists, an attempt to decrypt each with the same passphrase will be made before reprompting for a different passphrase.
       The passphrase is read from the user's tty or by running the program defined in SSH_ASKPASS (see below).

       The authentication agent must be running.

OPTIONS

       The following options are supported:

       -d	  Instead of adding the identity, this option removes the identity from the agent.

       -D	  Deletes all identities from the agent.

       -l	  Lists fingerprints of all identities currently represented by the agent.

       -L	  Lists public key parameters of all identities currently represented by the agent.

       -t life	  Sets a maximum lifetime when adding identities to an agent. The lifetime may be specified in seconds or in a time format  speci-
		  fied in sshd(1M).

       -x	  Locks the agent with a password.

       -X	  Unlocks the agent.

ENVIRONMENT VARIABLES

       DISPLAY		If  ssh-add  needs  a  passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If
       SSH_ASKPASS	ssh-add does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute the program spec-
			ified  by SSH_ASKPASS and open an X11 window to read the passphrase. This is particularly useful when calling ssh-add from
			a .Xsession or related script.

       SSH_AUTH_SOCK	Identifies the path of a unix-domain socket used to communicate with the agent.

EXIT STATUS

       The following exit values are returned:

       0    Successful completion.

       1    An error occurred.

FILES

       These files should not be readable by anyone but the user. Notice that ssh-add ignores a file if it is accessible by others. It is possible
       to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file.

       If  these  files are stored on a network file system it is assumed that either the protection provided in the file themselves or the trans-
       port layer of the network file system provides sufficient protection for the site policy. If this is not the case, then it  is  recommended
       the key files are stored on removable media or locally on the relevant hosts.

       Recommended names for the DSA and RSA key files:

       $HOME/.ssh/identity	  Contains the RSA authentication identity of the user for protocol version 1.

       $HOME/.ssh/identity.pub	  Contains the public part of the RSA authentication identity of the user for protocol version 1.

       $HOME/.ssh/id_dsa	  Contains the private DSA authentication identity of the user.

       $HOME/.ssh/id_dsa.pub	  Contains the public part of the DSA authentication identity of the user.

       $HOME/.ssh/id_rsa	  Contains the private RSA authentication identity of the user.

       $HOME/.ssh/id_rsa.pub	  Contains the public part of the RSA authentication identity of the user.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsshu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ssh(1), ssh-agent(1), ssh-keygen(1), sshd(1M), attributes(5)

SunOS 5.11							    9 Jan 2004								ssh-add(1)
All times are GMT -4. The time now is 08:40 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy