Nico Kadel-Garcia <nkadel@verizon.net> writes:

> Per Arve wrote:
>
> > Hi,
> > I am supposed to enforce password policy on some RedHat systems. That
> > is:
> > - make sure that passwords consist of at least 3 digits
> > - make sure that passwords consist of at least 3 letters
> > - make sure that passwords consist of at least 1 special caracter
> > Is there a config file where you can implements these requirements?
> > In
> > /etc/login.defs you can just play around with min./max age and min.
> > length of the password.
> > Thanks
> > Per Arve
>
> There are, unfortunately, a bunch of ways to change passwords under
> Linux systems. Enforcing this kind of rule would have to be
> implemented with a tool that they are *forced* to use.

There is a PAM module[1] at http://www.openwall.com/ which does
configurable password quality control (pam_passwdqc) - the internal
checking is easy to borrow if you don't want to use PAM.

Sorry, I don't know how to enforce that this is always used - that's
not an issue at my site.

cheers,
Jamie

[1] redundant I know, but it just sounds wrong without it.
--
James Riden / j.riden@massey.ac.nz / Systems Programmer
GPG public key available at: http://www.massey.ac.nz/~jriden/
This post does not necessarily represent the views of my employer.