Implementing Security Policies
Stephen John Smoogen
smooge at gmail.com
Fri Jun 23 15:28:13 UTC 2006
n 6/23/06, Bhaskar <abc.bhaskar at gmail.com> wrote:
> Dear Stephen,
>
> Thanks for responding.
>
> My security policies include something as below:
>
> setting minimum password length.
> setting number of retry attempts for the password.
> setting password history, etc.
>
> In FC3, I tried by changing MIN_PASS_LEN=5 in /etc/login.defs files and
> also included minlen=5 parameter in /etc/pam.d/system-auth file.
>
THat is correct. You will also need to run through /etc/shadow and
make sure that any account with passwords has the correct values in
them also.
Password history you will need to use the pam_passwdqc moduel in pam.
Most security policies will ask for a minimum length of 7 characters
(though 8 is preferred), and a change time of 90 days.
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
More information about the security
mailing list