RHEL7

Question 1

正如评论中提到的：你读过手册页吗？密码质量配置文件听起来你只需要添加这两行：

minlen = 15
minclass = 4

Answer

正如评论中提到的：你读过手册页吗？密码质量配置文件听起来你只需要添加这两行：

minlen = 15
minclass = 4

Question 2

（我手头没有 RHEL 7 系统，只有 CentOS 7，除了细微的差别外，它们通常是相同的。）

默认情况下，pwquality PAM 模块已启用，您只需调整配置文件中的默认策略/etc/security/pwquality.conf以满足您的需求。

 # /etc/security/pwquality.conf
 # Minimum acceptable size for the new password (plus one if
 # credits are not disabled which is the default). (See pam_cracklib manual.)
 # Cannot be set to lower value than 6.
 minlen = 15
 # The minimum number of required classes of characters for the new
 # password (digits, uppercase, lowercase, others).
 minclass = 4

或者，您可以使用以下命令调整密码策略authconfig：

authconfig --help 
  ...
  --passminlen=<number>
                        minimum length of a password
  --passminclass=<number>
                        minimum number of character classes in a password
  --passmaxrepeat=<number>
                        maximum number of same consecutive characters in a password
  --passmaxclassrepeat=<number>
                        maximum number of consecutive characters of same class in a password
    --enablereqlower        require at least one lowercase character in a password
    --disablereqlower       do not require lowercase characters in a password
    --enablerequpper        require at least one uppercase character in a password
    --disablerequpper       do not require uppercase characters in a password
    --enablereqdigit        require at least one digit in a password
    --disablereqdigit       do not require digits in a password
    --enablereqother        require at least one other character in a password
    --disablereqother       do not require other characters in a password
    --enablefaillock        enable account locking in case of too many consecutive authentication failures
    --disablefaillock       disable account locking on too many consecutive authentication failures
   ...

例如

authconfig --passminlen=15 --passminclass=4

Answer

（我手头没有 RHEL 7 系统，只有 CentOS 7，除了细微的差别外，它们通常是相同的。）

默认情况下，pwquality PAM 模块已启用，您只需调整配置文件中的默认策略/etc/security/pwquality.conf以满足您的需求。

 # /etc/security/pwquality.conf
 # Minimum acceptable size for the new password (plus one if
 # credits are not disabled which is the default). (See pam_cracklib manual.)
 # Cannot be set to lower value than 6.
 minlen = 15
 # The minimum number of required classes of characters for the new
 # password (digits, uppercase, lowercase, others).
 minclass = 4

或者，您可以使用以下命令调整密码策略authconfig：

authconfig --help 
  ...
  --passminlen=<number>
                        minimum length of a password
  --passminclass=<number>
                        minimum number of character classes in a password
  --passmaxrepeat=<number>
                        maximum number of same consecutive characters in a password
  --passmaxclassrepeat=<number>
                        maximum number of consecutive characters of same class in a password
    --enablereqlower        require at least one lowercase character in a password
    --disablereqlower       do not require lowercase characters in a password
    --enablerequpper        require at least one uppercase character in a password
    --disablerequpper       do not require uppercase characters in a password
    --enablereqdigit        require at least one digit in a password
    --disablereqdigit       do not require digits in a password
    --enablereqother        require at least one other character in a password
    --disablereqother       do not require other characters in a password
    --enablefaillock        enable account locking in case of too many consecutive authentication failures
    --disablefaillock       disable account locking on too many consecutive authentication failures
   ...

例如

authconfig --passminlen=15 --passminclass=4

Question 3

password-auth在和中启用 pam_pwquality.so 后system-auth，在中设置这些参数/etc/security/pwquality.so。

minlen=15
dcredit=-1
ucredit=-1
ocredit=-1
lcredit=-1

Answer

password-auth在和中启用 pam_pwquality.so 后system-auth，在中设置这些参数/etc/security/pwquality.so。

minlen=15
dcredit=-1
ucredit=-1
ocredit=-1
lcredit=-1

Question 4

RHEL7

在 /etc/security/pwquality.conf 文件中添加这些值 minlen = 15 ucredit = -1 lcredit = -1
ocredit = -1 dcredit = -1
minclass = #
#- 是您希望从所有上述定义的类别中符合密码最低类型的数字

或者使用命令“authconfig”

authconfig --enablereqlower --enablerequpper --enablereqdigit --enablereqother --passminlen=15 --update

RHEL5：

密码要求 pam_cracklib.so try_first_pass retry=5 minlen=15 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1

RHEL6：

密码要求 pam_cracklib.so try_first_pass retry=5 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1 minlen=15

===================

/etc/login.defs

传递最小长度 15

Answer

RHEL7

在 /etc/security/pwquality.conf 文件中添加这些值 minlen = 15 ucredit = -1 lcredit = -1
ocredit = -1 dcredit = -1
minclass = #
#- 是您希望从所有上述定义的类别中符合密码最低类型的数字

或者使用命令“authconfig”

authconfig --enablereqlower --enablerequpper --enablereqdigit --enablereqother --passminlen=15 --update

RHEL5：

密码要求 pam_cracklib.so try_first_pass retry=5 minlen=15 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1

RHEL6：

密码要求 pam_cracklib.so try_first_pass retry=5 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1 minlen=15

===================

/etc/login.defs

传递最小长度 15

RHEL7

答案1

答案2

答案3

答案4

RHEL7

RHEL5：

RHEL6：

相关内容