请问关于suse 11与suse 9密码复杂度配置的有关问题
日期:2014-05-16 浏览次数:20950 次
请教关于suse 11与suse 9密码复杂度配置的问题
大家好:
我按照以下在suse 9上面配置密码复杂度的方法配置suse 11的密码复杂度:
(1)、配置/etc/security/pam_pwcheck.conf文件
备份:
cp /etc/security/pam_pwcheck.conf /etc/security/pam_pwcheck.conf.bak
编辑:
vi /etc/security/pam_pwcheck.conf
将password: nullok use_cracklib修改为以下内容
password: nullok md5 use_cracklib
(2)、创建密码记录文件opasswd
touch /etc/security/opasswd
chown root:root /etc/security/opasswd
chmod 600 /etc/security/opasswd
(3)、配置主配置文件
配置/etc/pam.d/passwd文件【suse9没有/etc/pam.d/common-password, suse11 要按以下修改/etc/pam.d/common-password文件】
备份:cp /etc/pam.d/passwd /etc/pam.d/passwd.bak
#vi /etc/pam.d/passwd
#注释掉原来type为password的项,在注释掉的行下方增加以下4行
password required pam_pwcheck.so
password required pam_cracklib.so use_authtok minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
password required pam_pwcheck.so remember=5 use_authtok use_first_pass
password required pam_unix2.so nullok use_authtok use_first_pass
----------------
在suse 9上面测试普通用户修改密码,测试通过。但在suse 11上测试,就提示如下错误:
tuser@linux:~> passwd tuser
Changing password for tuser.
旧密码:
新口令:
重新输入新口令:
口令已更改。
无效的密码: 过于简单
passwd: 鉴定令牌操作错误-----
我输入的密码是不符合以上的密码复杂度设置规则的。以上所示,但为什么能够修改成功,并且提示“口令已更改”后,才提示:
无效的密码: 过于简单
passwd: 鉴定令牌操作错误
----
我的 suse 11 的 /etc/security/pam_pwcheck.conf文件、/etc/pam.d/common-password文件、/etc/pam.d/passwd文件和 文件的内容分别如下:
tuser@linux:~> cat /etc/security/pam_pwcheck.conf
password: nullok md5 use_cracklib
-------------
tuser@linux:~> cat /etc/pam.d/common-password
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define the services to be
# used to change user passwords.
#
password requisite pam_pwcheck.so nullok cracklib
password required pam_unix2.so use_authtok nullok
password required pam_pwcheck.so
password required pam_cracklib.so use_authtok minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
password required pam_pwcheck.so remember=5 use_authtok use_first_pass
password required pam_unix2.so nullok use_authtok use_first_pass
--------
tuser@linux:~> cat /etc/pam.d/passwd
#%PAM-1.0
auth include common-auth
account include &nbs
大家好:
我按照以下在suse 9上面配置密码复杂度的方法配置suse 11的密码复杂度:
(1)、配置/etc/security/pam_pwcheck.conf文件
备份:
cp /etc/security/pam_pwcheck.conf /etc/security/pam_pwcheck.conf.bak
编辑:
vi /etc/security/pam_pwcheck.conf
将password: nullok use_cracklib修改为以下内容
password: nullok md5 use_cracklib
(2)、创建密码记录文件opasswd
touch /etc/security/opasswd
chown root:root /etc/security/opasswd
chmod 600 /etc/security/opasswd
(3)、配置主配置文件
配置/etc/pam.d/passwd文件【suse9没有/etc/pam.d/common-password, suse11 要按以下修改/etc/pam.d/common-password文件】
备份:cp /etc/pam.d/passwd /etc/pam.d/passwd.bak
#vi /etc/pam.d/passwd
#注释掉原来type为password的项,在注释掉的行下方增加以下4行
password required pam_pwcheck.so
password required pam_cracklib.so use_authtok minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
password required pam_pwcheck.so remember=5 use_authtok use_first_pass
password required pam_unix2.so nullok use_authtok use_first_pass
----------------
在suse 9上面测试普通用户修改密码,测试通过。但在suse 11上测试,就提示如下错误:
tuser@linux:~> passwd tuser
Changing password for tuser.
旧密码:
新口令:
重新输入新口令:
口令已更改。
无效的密码: 过于简单
passwd: 鉴定令牌操作错误-----
我输入的密码是不符合以上的密码复杂度设置规则的。以上所示,但为什么能够修改成功,并且提示“口令已更改”后,才提示:
无效的密码: 过于简单
passwd: 鉴定令牌操作错误
----
我的 suse 11 的 /etc/security/pam_pwcheck.conf文件、/etc/pam.d/common-password文件、/etc/pam.d/passwd文件和 文件的内容分别如下:
tuser@linux:~> cat /etc/security/pam_pwcheck.conf
password: nullok md5 use_cracklib
-------------
tuser@linux:~> cat /etc/pam.d/common-password
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define the services to be
# used to change user passwords.
#
password requisite pam_pwcheck.so nullok cracklib
password required pam_unix2.so use_authtok nullok
password required pam_pwcheck.so
password required pam_cracklib.so use_authtok minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
password required pam_pwcheck.so remember=5 use_authtok use_first_pass
password required pam_unix2.so nullok use_authtok use_first_pass
--------
tuser@linux:~> cat /etc/pam.d/passwd
#%PAM-1.0
auth include common-auth
account include &nbs
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
