securing user account

Password authentication is controlled by the PAM module pam_unix, and all settings associated with login are listed at /etc/pam.d/login. An additional configuration file /etc/pam.d/common-password includes values that control password checks.

Set a strong password policy with the following steps:
  • Open the /etc/pam.d/common-password file with GNU nano:
     $ sudo nano /etc/pam.d/common-password
    
  • Find the line similar to this:
    password    [success=1 default=ignore]  pam_unix.so obscure sha512
    
  • Add minlen to the end of this line:
    password    [success=1 default=ignore]  pam_unix.so obscure sha512 minlen=8
  • Add this line to enforce alphanumeric passwords:
    password requisite pam_cracklib.so ucredit=-1 lcredit=-1 dcredit=-1  ocredit=-1




Comments

Popular posts from this blog

HAproxy logging

teamcity Automatic Agent Start under Linux

NFS mount add in fstab _netdev instead of default | firewall-cmd --list-all