[TriLUG] PAM /etc/passwd question
Kevin Hunter
khunter at rhoworld.com
Wed Mar 6 14:33:33 EST 2002
Ok, no one laugh. Remember new guy trying to learn t/d things right
typing here. I took a tip from industrial-linux.org re: pam and
password authentication/changing. However, I think I've left one
line in that should be removed. PAM is still a little fuzzy to me.
My original /etc/pam.d/passwd file is :
#%PAM-1.0
auth required /lib/security/pam_stack.so
service=system-auth
account required /lib/security/pam_stack.so
service=system-auth
password required /lib/security/pam_stack.so
service=system-auth
I changed it to the following to support md5 and to force changes of
passwords to something unique.
#%PAM-1.0
auth required /lib/security/pam_stack.so
service=system-auth
account required /lib/security/pam_stack.so
service=system-auth
password required /lib/security/pam_stack.so
service=system-auth
# These lines added to allow support of md5 passwords
password required /lib/security/pam_cracklib.so minlen=8
difok=3
password required /lib/security/pam_pwdb.so use_authtok nullok
md5
However, I think I need to remove the "pam_stack" line b/c when I
change a password, I get prompted twice, once w/ "New Password" and
once w/ "New UNIX Password".
Am I on track?
Thx!
KH
More information about the TriLUG
mailing list