Solved

Solaris 9 - reuse of last four passwords

Posted on 2011-03-25
2
785 Views
Last Modified: 2013-12-28
Hi All,

I want to configure my solaris systems to not to reuse the last four passwords for the acccounts for th e audit complaince, in what way I can do it. Also, I seems that I need to use PAM to get it done, had anybody done this in their setup.  This are solaris 9 sparc systems.

Thanks
virgo
0
Comment
Question by:virgo0880
2 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 250 total points
ID: 35217440
Hi again,

I'm not a true Solaris expert, but I think these are the basic steps:

- First, for Solaris 9 and lower you need the third-party PAM module "pam_history", which should be in the COMSpamph package (?), or you can get it from here:
http://www.comsmiths.com.au/pam/v1.06/

- Next, make an entry in /etc/pam.conf:
other   password requisite      pam_history.so.1 history=4 func=$1$

- To allow for a history greater 5 create a password history database (e.g. for 16 entries):
/usr/local/sbin/mkhistory -c -h 16

More info is here:

http://brandonhutchinson.com/wiki/index.php5?title=Solaris_Password_Policy

Hope this helps. I have no Solaris box here, so I can't test for myself.

wmp

0
 
LVL 38

Expert Comment

by:yuzh
ID: 35237484
You need to enable/use PAM for checking of passwords, password history.

Please read:
http://www.softpanorama.org/Solaris/Security/solaris_pam.shtml

BTW, why not upgrade to Solaris 10, you can set the password hostory in /etc/default/passwd file

otherwise have a look at the following page: (I never use this one myself!)
http://www.badpenguin.co.uk/main/content/view/25/35/
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Website and email setup 4 44
ticket bloat 3 54
Security perspectives to assess for APIs 1 44
Multi Factor Authentication 3 21
OnPage: Incident management and secure messaging on your smartphone
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question