Operating Systems/Linux/Ubuntu/Ubuntu 16.04 LTS/Program-Settings

From Vista Ridge Cyberpatriot
Jump to navigation Jump to search

When you need to mess with security policy in Linux a need to know command to start diving in is "sudo nano /etc/security/pwquality.conf". This command can help with accessing the security policy of linux and editing it.

Minimum Password Length

This file controls the minimum password length, whether previous passwords are remembered, and whether dictionary-based password checks are enabled.

  1. sudo nano /etc/pam.d/common-password
  2. The minimum password length can be set to 10 by adding "minlen=10" to the end of this line: password [success=1 default=ignore] pam_unix.so obscure yescrypt minlen=10

Dictionary Based Password Checks

  1. sudo nano /etc/pam.d/common-password
  2. Dictionary-based password checks can be enabled by adding the line password requisite pam_pwquality.so to the end of the file
    • This is important because it prevents users from using common words in their password

Remembering Previous Passwords

  1. sudo nano /etc/pam.d/common-password
  2. Enabling previous passwords being remembered can be enabled by adding the line password required pam_unix.so remember=5 to the end of the file
    • This is important because it will prevent users from using the same password multiple times

Max/Min password age

This file determines the maximum/minimum password age

  1. sudo nano /etc/login.defs
  2. Scroll very far down until you reach the line PASS_MAX_DAYS. Set it equal to 30.
    • Setting the maximum password age requires people to change their password every 30 days.
Retrieved from "https://cypat.rainbowunicorn.org/index.php?title=Operating_Systems/Linux/Ubuntu/Ubuntu_16.04_LTS/Program-Settings&oldid=256"