[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Solaris 9 - reuse of last four passwords

Posted on 2011-03-25
2
Medium Priority
?
802 Views
Last Modified: 2013-12-28
Hi All,

I want to configure my solaris systems to not to reuse the last four passwords for the acccounts for th e audit complaince, in what way I can do it. Also, I seems that I need to use PAM to get it done, had anybody done this in their setup.  This are solaris 9 sparc systems.

Thanks
virgo
0
Comment
Question by:virgo0880
2 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 1000 total points
ID: 35217440
Hi again,

I'm not a true Solaris expert, but I think these are the basic steps:

- First, for Solaris 9 and lower you need the third-party PAM module "pam_history", which should be in the COMSpamph package (?), or you can get it from here:
http://www.comsmiths.com.au/pam/v1.06/

- Next, make an entry in /etc/pam.conf:
other   password requisite      pam_history.so.1 history=4 func=$1$

- To allow for a history greater 5 create a password history database (e.g. for 16 entries):
/usr/local/sbin/mkhistory -c -h 16

More info is here:

http://brandonhutchinson.com/wiki/index.php5?title=Solaris_Password_Policy

Hope this helps. I have no Solaris box here, so I can't test for myself.

wmp

0
 
LVL 38

Expert Comment

by:yuzh
ID: 35237484
You need to enable/use PAM for checking of passwords, password history.

Please read:
http://www.softpanorama.org/Solaris/Security/solaris_pam.shtml

BTW, why not upgrade to Solaris 10, you can set the password hostory in /etc/default/passwd file

otherwise have a look at the following page: (I never use this one myself!)
http://www.badpenguin.co.uk/main/content/view/25/35/
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question