(2nd summary, correct line to read: edauth -dd default)
Dear All,
Many thanks to responders (all responses attached below);
Robert C. Dege
Spider Boardman
Ann Majeske
Jeffrey Hummel
BL Venkatesh
Answer;
edauth -dd default
But to make life easier, use vi instead of ed. So before above command;
EDITOR=/usr/bin/vi;export EDITOR
Some people suggested using dxaccounts, but I will need to do this on
remote servers where I only have CLI.
Other useful resources, read the man pages for prpasswd, default, edauth,
userdel/mod/add.
Some outstanding issues with enhanced security I may just live with; new
user accounts are locked by default, user passwords can be single case
(even with non-trivial) - where before with BASE they had to be mix of at
least 2 sets {lowercase, uppercase, numbers, symbols}.
Best regards,
Shaun Racine
Original message
> Tru64 v5.1B pk4
>
> After setting enhanced security (with shadow password) on
> this test server, I noticed the minimum required password
> length is 1 character.
>
> What is the recommended/correct method for changing the
> minimum password length to 6 ? ( I cannot find the way to
> set it with edauth )
>
> Do I just manually edit the file /etc/auth/system/default ?
Responses
Robert C. Dege
You can use dxaccounts to setup the security settings. If you want the
settings to be global, be sure to modify the default template settings.
Spider Boardman
You change it with 'edauth -dd', and be sure to hit both u_minlen and
u_minchosen. I don't know how you got u_minlen of 1, since that's not the
default. It's shipped as 0, which means to calculate it dynamically based
on other parameters. That default is generally pretty safe, but changing
it to 6 is about what it would do normally. (The u_minchosen value was
defaulted from the setting of u_minlen.)
Ann Majeske
To use edauth to edit the default file:
#edauth -d d default
You need to specify "default", since that's the entry you're
editing, even though it's the only entry in the default file.
You can also use the Account Manager to edit the
default file, go to the "Local Template" view and click on
"default".
The prpasswd man page has descriptions for the
user account based entries in the default file, the
default man page has descriptions for the the
system wide entries.
Jeffrey Hummel
I think it is safe to edit default if you are the only one who could be
running the user authorization program.
Change u_minlen#1 to u_minlen#6 if 6 is the minimum length you would like
for a password.
BL Venkatesh
You could either do it manually or use 'dxaccounts' and modify the
'default' template.
Received on Thu Apr 14 2005 - 10:21:12 NZST