[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PAM restrictions
On Fri, Jul 07, 2000 at 03:50:48PM -0500, Charles Menzes wrote:
> How does PAM enforce users to use passwords with a minimum n number of
> characters? More importantly, how can this be disabled?
On my box (Debian 2.2), I have this in /etc/pam.d/login:
# The standard Unix authentication modules, used with NIS (man nsswitch) as
# well as normal /etc/passwd and /etc/shadow entries. For the login service,
# this is only used when the password expires and must be changed, so make
# sure this one and the one in /etc/pam.d/passwd are the same. The "nullok"
# option allows users to change an empty password, else empty passwords are
# treated as locked accounts.
#
# (Add `md5' after the module name to enable MD5 passwords the same way that
# `MD5_CRYPT_ENAB' would do under login.defs).
#
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
# login.defs. Also the "min" and "max" options enforce the length of the
# new password.
password required pam_unix.so nullok obscure min=4 max=8
You probably need to look for lines like that in all of the files in
/etc/pam.d, and change them to the right values (or none).
Of course, doing so is a security risk. I'm sure you knew that
already - just making sure.
-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.