Can someone please
tell me how, on FC 2 , to do the following:
1. Ensure a
password meets minimum length and other quality
restrictions.
2. Lockout an
account for time X after three failed attempts.
3. Force a
user to change a password after time Y.
4. Report all
the above.
The /etc/login.defs
with password restrictions apparently doesn't work with PAM.
PAM documentation is
very confusing to me--I see apparent dependencies, duplications, and
overlaps between "services" and modules, and which takes precedence is not
clear..
For example,
following the examples in the "Linux-PAM System Administrators' Guide" (latest I
could find: version 0.76, Jun 2002) for the /etc/pam.d/passwd doesn't work for
me. I set the following:
password
required pam_cracklib.so \
dcredit=-1 ucredit=-1
ocredit=o lcredit=-1 minlen=8
Nothing
changes:
As a user I
try to change my password and it accepts 6 characters.
Thanks for any help
or pointers.
Tom
Browder
