Making PAM/RedHat passwd less fussy?

Making PAM/RedHat passwd less fussy?

Post by agai » Wed, 15 Oct 1997 04:00:00



For those of us with few security fears, is there a way of changing the
policy of the passwd command in  Red Hat Linux less fussy about password
standards.

Yes - in certain situations I'd like a password command to reject

printer
PrinteR
Pr1nter

etc...

... but not on my home PC thankyou. Fussy passwords forced me back to
slackware, but Red Hat has other attractions and I want it...

John

 
 
 

Making PAM/RedHat passwd less fussy?

Post by Mats Andtback » Thu, 16 Oct 1997 04:00:00



Quote:>For those of us with few security fears, is there a way of changing the
>policy of the passwd command in  Red Hat Linux less fussy about password
>standards.

read the PAM system administrator's guide under /usr/doc/pam*
then comment out the relevant references to cracklib in the PAM
configuration files. see also the npasswd docs.
--
        "Yes i'm lonely..."
                _Yer Blues_, Lennon / McCartney

 
 
 

1. disgusted with passwd, PAM and Redhat

Redhat is so convoluted, I just wish I could go back to Slackware, but
it's too late now. Why can't we go back to the easy way of doing things
like editing /etc/passwd and removing the encrypted string to allow  a
null password for a user.

I am trying to set up my standalone Linux box to have no password for my

main non-root account. My main non-root account (xxx) is now ocking me
out. I have this in my /etc/passwd:

xxx::500:100:xxx fullname:/home/adi:/bin/bash

I didn't manually edit the file to get it like this. I did a 'passwd -d
xxx' as root as I thought that would allow me to have a null password
for xxx. This doesn't work, and I now can't login as xxx at all. I have
not altered any of my PAM files in /etc/pam.d, and I have no /etc/shadow

file. I am using RH6.0.

How do I restore a password for xxx? I have tried 'passwd xxx' and
setting something new, but it doesn't work. It says:

passwd: all authentication tokens updated successfully

but the new passwd I set doesn't work when I try to login as xxx.

my PAM file for passwd is:

#%PAM-1.0
auth       required     /lib/security/pam_pwdb.so shadow nullok
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so retry=3
password   required     /lib/security/pam_pwdb.so use_authtok nullok

and my PAM file for login is:

#%PAM-1.0
auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_pwdb.so shadow nullok
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow nullok
use_authtok
session    required     /lib/security/pam_pwdb.so
session    optional     /lib/security/pam_console.so

2. Sparclinux problem

3. PAM/RedHat: pop3 /etc/pam.d config

4. what to do with old patches if I install a newer version?

5. redhat 6.1, PAM, and having to alter /etc/pam.d/kppp

6. Solaris 2.5 or 2.5.1 on Enterprise 1000?

7. open-ssh/PAM causes strange $LESS problem

8. What does "set kobj_map_space_len=0x100000" do ?

9. ldap-pam-passwd

10. any way of making login have less or more bad password attempts?

11. NIS PAM passwd problems

12. Making make less verbose using autoconf and automake

13. Passwd : Critical error -- immediate abort = PAM problem ?