Operating Systems/Linux/Ubuntu/Ubuntu 16.04 LTS/Program-Settings

From Vista Ridge Cyberpatriot

Revision as of 22:21, 19 September 2024 by 128.254.249.13 (talk) (→‎Password Security)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Password Security

Minimum Password Length

sudo nano /etc/pam.d/common-password
The minimum password length can be set to 10 by adding "minlen=10" to the end of this line: password [success=1 default=ignore] pam_unix.so obscure yescrypt minlen=10

Dictionary Based Password Checks

sudo nano /etc/pam.d/common-password
Dictionary-based password checks can be enabled by adding the line password requisite pam_pwquality.so to the end of the file
- This is important because it prevents users from using common words in their password

Prevent Duplicate Passwords

sudo nano /etc/pam.d/common-password
Duplicate passwords can be prevented by adding the line password required pam_unix.so remember=5 to the end of the file
- This will make the system remember past passwords so that users can't use the same password multiple times.

Max/Min password age

sudo nano /etc/login.defs
Scroll very far down until you reach the line PASS_MAX_DAYS. Set it equal to 30.
- This is important because it requires users to change their password every 30 days

Null Passwords Do Not Authenticate

Run the command " sudo nano /etc/pam.d/common-auth "
Find the line that contains the "nullock" and then delete the word.

Other

Disable IPv4 Forwarding

sudo nano /etc/sysctl.conf
Add the line net.ipv4.ip_forward=0 to the end of the file
sudo sysctl -p (this applies the settings)
Use the command sysctl net.ipv4.ip_forward to check if it's disabled (0 means it's disabled)

Retrieved from "https://cypat.rainbowunicorn.org/index.php?title=Operating_Systems/Linux/Ubuntu/Ubuntu_16.04_LTS/Program-Settings&oldid=330"