[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 805
  • Last Modified:

Solaris 9 - reuse of last four passwords

Hi All,

I want to configure my solaris systems to not to reuse the last four passwords for the acccounts for th e audit complaince, in what way I can do it. Also, I seems that I need to use PAM to get it done, had anybody done this in their setup.  This are solaris 9 sparc systems.

Thanks
virgo
0
virgo0880
Asked:
virgo0880
1 Solution
 
woolmilkporcCommented:
Hi again,

I'm not a true Solaris expert, but I think these are the basic steps:

- First, for Solaris 9 and lower you need the third-party PAM module "pam_history", which should be in the COMSpamph package (?), or you can get it from here:
http://www.comsmiths.com.au/pam/v1.06/

- Next, make an entry in /etc/pam.conf:
other   password requisite      pam_history.so.1 history=4 func=$1$

- To allow for a history greater 5 create a password history database (e.g. for 16 entries):
/usr/local/sbin/mkhistory -c -h 16

More info is here:

http://brandonhutchinson.com/wiki/index.php5?title=Solaris_Password_Policy

Hope this helps. I have no Solaris box here, so I can't test for myself.

wmp

0
 
yuzhCommented:
You need to enable/use PAM for checking of passwords, password history.

Please read:
http://www.softpanorama.org/Solaris/Security/solaris_pam.shtml

BTW, why not upgrade to Solaris 10, you can set the password hostory in /etc/default/passwd file

otherwise have a look at the following page: (I never use this one myself!)
http://www.badpenguin.co.uk/main/content/view/25/35/
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now