Set Password Policies in SLES (SUSE Linux Enterprise Server)

Recently i got the task to implement following password policies on SLES (SUSE Linux Enterprise Server) 11.x

  • Minimum password length should be 10 characters
  • Password should have one UPPERCASE Character
  • Password should have one LOWERCASE Character
  • Password should have one Numeric Character
  • Minimum Passwords to Remember or Password History is 4
  • Accounts should be lockout after 5 attempts.

These password policies can implemented using pam file “/etc/pam.d/common-password

First take the back up of common-password file .

# cd /etc/pam.d/
# cp common-password common-password.bak

Edit the file “/etc/pam.d/common-password” ,comment out the default modules and add the followings lines.

password   required   pam_cracklib.so dcredit=-1 ucredit=-1 lcredit=-1 minlen=10 retry=5
password   required   pam_pwhistory.so use_authtok remember=4 retry=5
password   required   pam_unix2.so nullok use_authtok md5

Save & exit the file.

Now onwards, we can’t use the simple passwords, System will accepts only those passwords which satisfy above parameters.

2 thoughts on “Set Password Policies in SLES (SUSE Linux Enterprise Server)”

  1. password requisite pam_cracklib.so minlen=8 dcredit=-1 ucredit=-1 lcredit=-1
    password required pam_pwhistory.so use_authtok remember=4
    password required pam_unix2.so use_authtok nullok

    Please explain the password policy here in points,
    Thanks in advance,
    kousik Singha

    Reply

Leave a Comment