View Single Post
Old 19th June 2008
tanked tanked is offline
Fdisk Soldier
 
Join Date: May 2008
Posts: 56
Default

Quote:
Originally Posted by hopla View Post
I use pam_passwdqc to enforce strong passwords. It's in the base system (man pam_passwdqc).

I enable it by adding this line to /etc/pam.d/sshd (its the 3rd line, the others are already there)



See the man page for the meaning of the options and more.

And in /etc/adduser.conf I set


Then when I create a new user I get a random password (by default) I can give to him. And when the user first logs in with it, he must immediately change it since its expired (upwexpire). He can then only change it to a password that is strong enough according to the rules set with pam_passwdqc.
Excellent, I never realised something like this was in the base system, I thought I'd have to install 3rd party software to get that functionality.
Reply With Quote