Password hardening on SUSE system

From MyWiki

Jump to: navigation, search

I needed to restrict the length of passwords to 8 chars min, 32 chars max. Combination of letters (upcase,lowercase) and numbers and/or others. Not to reuse the last 12 passwords

/etc/security/pam_pwcheck.conf:

password:       minlen=8 cracklib nullok md5 remember=12

/etc/default/passwd:

CRYPT=md5
CRYPT_FILES=md5
BLOWFISH_CRYPT_FILES=10
CRYPT_YP=des

/etc/pam.d/passwd

#%PAM-1.0
auth     required       pam_unix2.so    nullok
account  required       pam_unix2.so
password required       pam_passwdqc.so retry=3 ask_oldauthtok min=disabled,disabled,disabled,8,8 random=32 max=32
password required       pam_pwcheck.so  use_authtok
password required       pam_unix2.so    use_first_pass use_authtok 
session  required       pam_unix2.so
Personal tools