The password aging controls and
password length are defined in /etc/login.defs file. The
password policy required to defining the number of days a password is valid, minimum
length of a password, the strength of a password, and number of warning days before the password expires. To apply
password policy, edit /etc/login.defs file and set PASS values.
PN: - The password policy affect only newly created users,
do not impact to existing users.
Here is a list of default
password policy that we typically
set in /etc/logins.defs. Use the below command to check the existing password
policy in /etc/login.defs:
[root@linuxcnf
~]# cat /etc/login.defs |grep PASS|grep -v password
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
[root@linuxcnf
~]#
|
To
configure password policy, open /etc/login.defs file and modify values as
below:
[root@linuxcnf
~]# vi /etc/login.defs
|
PASS_MAX_DAYS 30
PASS_MIN_DAYS 0
PASS_MIN_LEN 8
PASS_WARN_AGE 7
|
To
verify the parameters value use below command:
[root@linuxcnf
~]# cat /etc/login.defs |grep PASS|grep -v password
PASS_MAX_DAYS 30
PASS_MIN_DAYS 0
PASS_MIN_LEN 8
PASS_WARN_AGE 7
[root@linuxcnf
~]#
|
You
have done!
No comments:
Post a Comment