Solaris

Hi Friends,

Can anyone tell me how can I set the password age limit for root user to 14 days....???

Also would like to add following for root password;
min-alpha --- 4
min-other --- 1
min-length -- 6
min-diff ----- 3

How can I do these on command line....???

Regards,
jumadhiya

my os sco 5.0.6
command 'passwd' with letter 'x' expiration
see man passwd for more

take a look at man passwd,
the man page describes your question.

cu
lowbyte

Thanks Lowbyte.

If I run ;

# passwd -x 14

This will set my new password valid for maximum 14 days...right...???

Do I need to put " -n min " value also...???

Man pages shows;

* Each password must have PASSLENGTH characters, where
PASSLENGTH is defined in /etc/default/passwd and is set to 6. Only
the first eight characters are signifi-cant.

* Each password must contain at least two alphabetic
characters and at least one numeric or special charac-ter. In this
case, "alphabetic" refers to all upper or lower case letters.

* Each password must differ from the user's login name
and any reverse or circular shift of that login name.
For comparison purposes, an upper case letter and its
corresponding lower case letter are equivalent.

* New passwords must differ from the old by at least
three characters. For comparison purposes, an upper
case letter and its corresponding lower case letter
are equivalent.

So can you tell me how can I change ;
min-alphabetic characters to 4
min-other character to 1
min-differ value to 3

I can change min password lenght by editing
/etc/default/passwd file.

Please suggest something.....!!!

Thanks & Regards,
jumadhiya.

MINALPHA=4
MINDIFF=3 (No need to define since it's the default)
MINNONALPHA=1 (Assuming you consider other to be non alphabetic, no need to define as well since it's the default).

Possible values to define in /etc/default/passwd

DICTIONDBDIR The directory where the generated dic-
tionary databases reside. Defaults to
/var/passwd.

If neither DICTIONLIST nor DICTIONDBDIR
is specified, the system does not per-
form a dictionary check.

DICTIONLIST DICTIONLIST can contain list of comma
separated dictionary files such as
DICTIONLIST=file1, file2, file3. Each
dictionary file contains multiple lines
and each line consists of a word and a
<NEWLINE> character (similar to
/usr/share/lib/dict/words.) You must
specify full pathnames. The words from
these files are merged into a database
that is used to determine whether a
password is based on a dictionary word.

If neither DICTIONLIST nor DICTIONDBDIR
is specified, the system does not per-
form a dictionary check.

To prebuild the dictionary database, see
mkpwdict(1M).

HISTORY Maximum number of prior password history
to keep for a user. Setting the HISTORY
value to zero (0), or removing the flag,
causes the prior password history of all
users to be discarded at the next pass-
word change by any user. The default is
not to define the HISTORY flag. The max-
imum value is 26. Currently, this func-
tionality is enforced only for user
accounts defined in the "files" name
service (local passwd(4)/shadow(4)).

MAXREPEATS Maximum number of allowable consecutive
repeating characters. If MAXREPEATS is
not set or is zero (0), the default is
no checks

MAXWEEKS Maximum time period that password is
valid.

MINALPHA Minimum number of alpha character
required. If MINALPHA is not set, the
default is 2.

MINDIFF Minimum differences required between an
old and a new password. If MINDIFF is
not set, the default is 3.

MINDIGIT Minimum number of digits required. If
MINDIGIT is not set or is set to zero
(0), the default is no checks. You can-
not be specify MINDIGIT if MINNONALPHA
is also specified.

MINLOWER Minimum number of lower case letters
required. If not set or zero (0), the
default is no checks.

MINNONALPHA Minimum number of non-alpha (including
numeric and special) required. If MIN-
NONALPHA is not set, the default is 1.
You cannot specify MINNONALPHA if MINDI-
GIT or MINSPECIAL is also specified.

MINWEEKS Minimum time period before the password
can be changed.

MINSPECIAL Minimum number of special (non-alpha and
non-digit) characters required. If
MINSPECIAL is not set or is zero (0),
the default is no checks. You cannot
specify MINSPECIAL if you also specify
MINNONALPHA.

MINUPPER Minimum number of upper case letters
required. If MINUPPER is not set or is
zero (0), the default is no checks.

NAMECHECK Enable/disable checking or the login
name. The default is to do login name
checking. A case insensitive value of
"no" disables this feature.

PASSLENGTH Minimum length of password, in charac-
ters.

WARNWEEKS Time period until warning of date of
password's ensuing expiration.

WHITESPACE Determine if whitespace characters are
allowed in passwords. Valid values are
YES and NO. If WHITESPACE is not set or
is set to YES, whitespace characters are
allowed.

Thanks a ton sb008.

But can you clear me for following;

# passwd -x 14 ----------- This command will set my new password valid for maximum 14 days...right...???

Do I need to use " -n min " value also while specifying the maximum valid days...??? I mean " # passwd -n 5 -x 14 ".....something like this....???

Thanks & Regards,
jumadhiya.

Hey,

thats right; passwd -n 5 -x 9 means
passwd is changeable after 5 days and valid for 9 days.
If you set passwd -n 9 -x 8 means
the user may not change the passwd.

CU
lowbyte