Difference between revisions of "Operating Systems/Linux/Ubuntu/Ubuntu 16.04 LTS/Program-Settings"

From Vista Ridge Cyberpatriot
Jump to navigation Jump to search
(Created page with "When you need to mess with security policy in Linux a need to know command to start diving in is "sudo nano /etc/security/pwquality.conf". This command can help with accessing...")
 
Line 1: Line 1:
 
When you need to mess with security policy in Linux a need to know command to start diving in is "sudo nano /etc/security/pwquality.conf". This command can help with accessing the security policy of linux and editing it.
 
When you need to mess with security policy in Linux a need to know command to start diving in is "sudo nano /etc/security/pwquality.conf". This command can help with accessing the security policy of linux and editing it.
 +
 +
Two other useful files are <code>/etc/pam.d/common-password</code> and <code>/etc/login.defs</code>
 +
===common-password File===
 +
This file controls the minimum password length, whether previous passwords are remembered, and whether dictionary-based password checks are enabled.
 +
# <code>sudo nano /etc/pam.d/common-password</code>
 +
# The minimum password length can be set to 10 by adding "minlen=10" to the end of this line: <code>password  [success=1 default=ignore]  pam_unix.so obscure yescrypt minlen=10</code>
 +
# Dictionary-based password checks can be enabled by adding the line <code>password requisite pam_pwquality.so</code> to the end of the file
 +
#* This is important because it prevents users from using common words in their password
 +
# Enabling previous passwords being remembered can be enabled by adding the line <code>password required pam_unix.so remember=5</code> to the end of the file
 +
#* This is important because it will prevent users from using the same password multiple times

Revision as of 06:11, 20 November 2023

When you need to mess with security policy in Linux a need to know command to start diving in is "sudo nano /etc/security/pwquality.conf". This command can help with accessing the security policy of linux and editing it.

Two other useful files are /etc/pam.d/common-password and /etc/login.defs

common-password File

This file controls the minimum password length, whether previous passwords are remembered, and whether dictionary-based password checks are enabled.

  1. sudo nano /etc/pam.d/common-password
  2. The minimum password length can be set to 10 by adding "minlen=10" to the end of this line: password [success=1 default=ignore] pam_unix.so obscure yescrypt minlen=10
  3. Dictionary-based password checks can be enabled by adding the line password requisite pam_pwquality.so to the end of the file
    • This is important because it prevents users from using common words in their password
  4. Enabling previous passwords being remembered can be enabled by adding the line password required pam_unix.so remember=5 to the end of the file
    • This is important because it will prevent users from using the same password multiple times