Quantcast
Channel: VMware Communities : All Content - All Communities
Viewing all articles
Browse latest Browse all 179681

How can I set up pam_passwdqc on an ESXi host?

$
0
0

I would like to set the password complexity for the new accounts on my ESXi 5.0 (updated 2) host to be a minimum of 14 characters, and have at least 1 of each of the following: 1 upper case char, 1 digit, 1 lowercase char, 1 special char and no dictionary words (passphrases).

 

I updated the /etc/pam.d/passwd file to look like the following (changed the default min=8,8,8,7,6)

    password   requisite   /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,disabled,14

 

I then go up to the VI Client and try to create a user on the host with this new complexity and it will only accept a password with a minimum of 30 characters.

 

When I set it to set min=disabled,disabled,disabled,14,14 the min password length accepted was 18.

 

I started playing around and changed it to min=disabled,disabled,disabled,10,10 and that let me have a 15 char password.

 

Does anyone know what is going on here?  I'm not sure if this is an ESXi problem or a pam module problem, but it appears the pam_passwdqc.so module behaves differently on ESXi5.0 and ESX 3.5.  I tried the same thing on an ESX 3.5 Red Hat Linux host and it didn't work there eitherr, but I got different results.

 

 

I appreciate any insight on this.

Maureen


Viewing all articles
Browse latest Browse all 179681

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>