Set Password Policies in SLES (SUSE Linux Enterprise Server)

Recently i got the task to implement following password policies on SLES (SUSE Linux Enterprise Server) 11.x

  • Minimum password length should be 10 characters
  • Password should have one UPPERCASE Character
  • Password should have one LOWERCASE Character
  • Password should have one Numeric Character
  • Minimum Passwords to Remember or Password History is 4
  • Accounts should be lockout after 5 attempts.

These password policies can implemented using pam file “/etc/pam.d/common-password

First take the back up of common-password file .

# cd /etc/pam.d/
# cp common-password common-password.bak

Edit the file “/etc/pam.d/common-password” ,comment out the default modules and add the followings lines.

password   required   pam_cracklib.so dcredit=-1 ucredit=-1 lcredit=-1 minlen=10 retry=5
password   required   pam_pwhistory.so use_authtok remember=4 retry=5
password   required   pam_unix2.so nullok use_authtok md5

Save & exit the file.

Now onwards , we can’t use the simple passwords , System will accepts only those passwords which satisfy above parameters.

Leave a Reply

Your email address will not be published. Required fields are marked *