Displaying 16 results from an estimated 16 matches for "lcredit".
Did you mean:
credit
2010 Feb 18
7
Augeas pam.d argument checking
I''m trying to change the password complexity requirements in
pam.d/system-auth using augeas. I can append the values (lcredit=-1,
ucredit=-1, etc) onto the correct place, but if another value is
already present (i.e. lcredit=-2), the onlyif match statement doesn''t
seem to support checking regular expressions inside of strings. How do
I check that any numeric value exists in the argument??
define password...
2008 Oct 27
0
system-auth on CentOS 5.2
...ed_if.so uid >= 500 quiet
auth required pam_deny.so
account required pam_tally.so
account required pam_unix.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so
password requisite pam_cracklib.so minlen=8 lcredit=2 ucredit=2
dcredit=2 ocredit=2 retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass
use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succee...
2008 Feb 04
0
RE: Strong security in user's accounts and paswords..[SOLVE]
...sufficient /lib/security/$ISA/pam_succeed_if.so uid <
100 quiet
>account required /lib/security/$ISA/pam_permit.so
#password requisite /lib/security/$ISA/pam_cracklib.so retry=3
#password requisite /lib/security/$ISA/pam_cracklib.so retry=3
minlen=10 ucredit=-2 lcredit=-2 dcredit=-2 ocredit=-2 difok=3
# Changed to 15 character length password
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
minlen=15 ucredit=-2 lcredit=-2 dcredit=-2 ocredit=-2 difok=3
# Remember the last 15 passwords
password sufficient /lib/security/$ISA/pam_unix.so nu...
2014 Nov 17
1
exercising pam_cracklib from the command line
...ine program that determines and reports what
pam_cracklib.so returns for a given password; subject to variation in the
command line options and values provided? For example, assuming a cli driver
program called cli_driver_pgm:
cli_driver_pgm pam_cracklib.so difok=8 minlen=14 dcredit=3 ucredit=3
lcredit=3 ocredit=3 minclass=2 maxrepeat=3 maxsequence=3 reject_username
gecoscheck -- somepassword
-> pam_cracklib calculated minlen value for somepassword
My Google-fu appears to have deserted me.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:By...
2008 Feb 04
1
Strong security in user's accounts and paswords..
Hi, I have some databases running on CentOS4 with users accessing the
shell (bash), so I'd like to strong the security on my server in user's
accounts and passwords.. I mean, enforcing strong passwords, min/max age
passwords, locking passwords when you fail 3 times, and all this stuff.
Is there any package which do this work? Any tutorial?
Thanks in advance
Regards
Israel
2009 Mar 02
31
Using Augeas type to update sshd_config's AllowGroups
Hey gang,
I seem to be having a brain disconnect on how to get the Augeas type to
manage things that have multiple values (i.e. an Augeas tree) via Puppet.
If I run this in augtool:
augtool> set /files/etc/ssh/sshd_config/AllowGroups/1000 sshuser
augtool> save
I see this in /etc/ssh/sshd_config:
AllowGroups sshuser
However, if I try this in an Augeas type:
augeas {
2010 Sep 14
1
cron breaking when enabling ldap
...pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_ldap.so
account required pam_permit.so
password requisite pam_cracklib.so type= retry=3 difok=3 minlen=8 dcredit=-1 ocredit=-1 ucredit=-1 lcredit=0
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password sufficient pam_ldap.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session optional pam_mkhomed...
2010 Apr 16
1
offline logon in 3.4.7-58
...500 quiet
account [default=bad success=ok user_unknown=ignore] pam_krb5.so
account [default=bad success=ok user_unknown=ignore] pam_winbind.so cached_login
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3 minlen=12 dcredit=1 ucredit=1 lcredit=1 ocredit=1
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password sufficient pam_krb5.so use_authtok
password sufficient pam_winbind.so cached_login use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
s...
2005 Jan 21
1
tdbsam (local) to ldap (tdbldap) backend migration causes pam restrictions not to work anymore?
...*authentication*tokens*updated*successfully*
/etc/pam.d/samba:
auth required pam_unix.so nullok
account required pam_unix.so
session required pam_unix.so
password required pam_cracklib.so minlen=20 ocredit=5
ucredit=3 dcredit=3 lcredit=1
password required pam_unix.so
Now I have changed the part in smb.conf to be like this:
passwd program = /usr/bin/ldappasswd -D cn=root,dc=neonatus,dc=net -x
-w 'password_for_root_user' -S uid=%u,ou=People,dc=neonatus,dc=net
passwd chat = *New*password*%n\n*new*password*%n\n...
2016 Oct 12
2
Replacement pdc samba3 to samba4 nt classic
...pam_permit.so
> # cat /etc/pam.d/common-password|egrep -v '^#|^$'
root at pdc:~# cat /etc/pam.d/common-password|egrep -v '^#|^$'
password requisite pam_cracklib.so
reject_username retry=3 minlen=18 difok=3 maxrepeat=2 minclass=4
lcredit=0 ucredit=2 dcredit=1 ocredit=1
password required pam_pwhistory.so
use_authtok enforce_for_root remember=5
password [success=2 default=ignore] pam_unix.so obscure
use_authtok try_first_pass sha512
password [success=1 user_unknown=ignore default=die...
2003 Nov 18
0
Samba PDC trying rid null logins
.../pam_mkhomedir.so skel=/etc/skel/ umaks=0022
session optional /lib/security/pam_console.so
-------------- next part --------------
#%PAM-1.0
auth required /lib/security/pam_winbind.so shadow
account required /lib/security/pam_winbind.so
password required /lib/security/pam_cracklib.so lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 retry=3
password required /lib/security/pam_unix.so use_authtok md5 shadow
-------------- next part --------------
auth required pam_winbind.so
account required pam_winbind.so
session required pam_mkhomedir.so skel=/etc/samba/skel umask=0022
password require...
2003 Nov 19
0
FW: Samba PDC trying rid null logins
.../pam_mkhomedir.so skel=/etc/skel/ umaks=0022
session optional /lib/security/pam_console.so
-------------- next part --------------
#%PAM-1.0
auth required /lib/security/pam_winbind.so shadow
account required /lib/security/pam_winbind.so
password required /lib/security/pam_cracklib.so lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 retry=3
password required /lib/security/pam_unix.so use_authtok md5 shadow
-------------- next part --------------
auth required pam_winbind.so
account required pam_winbind.so
session required pam_mkhomedir.so skel=/etc/samba/skel umask=0022
password require...
2013 Jun 19
1
"The account is not authorized to login from this station"
...pam_tally.so magic_root
account required pam_unix.so
account sufficient pam_succeed_if.so uid < 100 quiet
account sufficient pam_stack.so service=krb5-secdom
account required pam_permit.so
password requisite pam_cracklib.so retry=3 type=local minlen=7 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 difok=3 difignore=15
password sufficient pam_unix.so md5 shadow nullok use_authtok remember=24
password sufficient pam_stack.so service=krb5-secdom
password required pam_deny.so
session optional pam_keyinit.so revoke
session requi...
2016 Oct 12
0
Replacement pdc samba3 to samba4 nt classic
...ord|egrep -v '^#|^$'
> >>
> >> root at pdc:~# cat /etc/pam.d/common-password|egrep -v '^#|^$'
> >> password requisite pam_cracklib.so
> >> reject_username retry=3 minlen=18 difok=3 maxrepeat=2 minclass=4
> >> lcredit=0 ucredit=2 dcredit=1 ocredit=1
> >> password required pam_pwhistory.so
> >> use_authtok enforce_for_root remember=5
> >> password [success=2 default=ignore] pam_unix.so
> >> obscure use_authtok try_first_pass sha512
>...
2016 Oct 10
6
Replacement pdc samba3 to samba4 nt classic
Migration was held in connection with the breakdown of the old server
after setting up a new server stopped working to add windows pc to a domain
root at pdc:/var/log/samba# cat /etc/samba/smb.conf
[global]
# Default options
allow nt4 crypto = yes
client ntlmv2 auth = no
disable spoolss = yes
dns proxy
2014 Nov 20
1
CentOS Digest, Vol 118, Issue 20 - Email found in subject
...reports what
> pam_cracklib.so returns for a given password; subject to variation
> in the command line options and values provided? For example,
> assuming a cli driver program called cli_driver_pgm:
>
> cli_driver_pgm pam_cracklib.so difok=8 minlen=14 dcredit=3
> ucredit=3 lcredit=3 ocredit=3 minclass=2 maxrepeat=3 maxsequence=3
> reject_username gecoscheck -- somepassword
>
> -> pam_cracklib calculated minlen value for somepassword
>
>
> My Google-fu appears to have deserted me.
>
Googling for `"pam_cracklib" cli tool` got me a recomm...