Solved

User not able to change password on rhel

Posted on 2014-02-17
7
4,678 Views
Last Modified: 2014-02-18
Hi all,

I know its rsiky but i need to allow User(apart from ROOT) to change password and  that too very simple no complex password policies i need for those users.

for ex.. user name : Jhon
su - jhon
passwd
abcd
abcd

jhon can assign any simple passwrod for himself . no need of root to do that.


for now error is:

[jhon@example ~]$ passwd
Changing password for user jhon.
Changing password for jhon.
(current) UNIX password:
New password:
BAD PASSWORD: it is WAY too short
New password:
BAD PASSWORD: it is WAY too short
New password:
BAD PASSWORD: it is WAY too short
^C
[jhon@example ~]$ passwd
Changing password for user jhon.
Changing password for jhon.
(current) UNIX password:
New password:
BAD PASSWORD: it is based on a dictionary word

please help
0
Comment
Question by:apunkabollywood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:apunkabollywood
ID: 39864272
Example 2:

Example:

Here I created a account test3 and set the password t, and the password is accepted

[root@localhost ~]# useradd test3
[root@localhost ~]# passwd test3

Changing password for user test3.
New password:
BAD PASSWORD: it is WAY too short
BAD PASSWORD: is a palindrome
Retype new password:

passwd: all authentication tokens updated successfully.
But when it comes to regular user-mode it is very difficult change a password. Check this example

[avi@localhost ~]$ su - test3
Password:

[test3@localhost ~]$ passwd
Changing password for user test3.
Changing password for test3.
(current) UNIX password:
New password:
BAD PASSWORD: it is based on a dictionary word
Password:

passwd: Authentication token manipulation error
I logged into that account and tried to change the password, but this time it not taking simple password, I just knew that its because of pam (Pluggable authentication module ie: /etc/pam.d/)

What changes I do to set any password from regular user? Like being root if we give any password it will accept even single character also. I want that method in user-mode also

I know it's crazy but I want to learn that's it. I am using CentOS 6.2
0
 
LVL 5

Expert Comment

by:Dave Gould
ID: 39864380
Check the file /etc/login.defs
There is a parameter PASS_MIN_LEN

You might also want to look at the file /etc/pam.d/system-auth and look for a line that resembles this : password requisite pam_cracklib.so try_first_pass retry=3 minlen=14 ucredit=-1 dcredit=-1 ocredit=-1 lcredit=-1

You can find an interesting article on the subject here:
http://www.itworld.com/endpoint-security/275056/how-enforce-password-complexity-linux
0
 

Author Comment

by:apunkabollywood
ID: 39864461
All thing works but for root not for the regular users :(
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 
LVL 5

Expert Comment

by:Dave Gould
ID: 39864472
Have you tried modifying the parameters in the files mentionned?
0
 

Author Comment

by:apunkabollywood
ID: 39864482
Yes all combinations all ready - but i fails whenver trying with regular user - it just says simple password or bad password thats it - and after few times it locks
0
 
LVL 5

Accepted Solution

by:
Dave Gould earned 500 total points
ID: 39864619
Try this
Comment all the three lines

 # password requisite pam_cracklib.so try_first_pass retry=3
 # password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
 # password required pam_deny.so
 
Add this line

 password sufficient /lib/security/$ISA/pam_unix.so nullok md5 shadow
 
Make sure that you keep a login session open and test from another session. This way you will not lock yourself out
0
 

Author Closing Comment

by:apunkabollywood
ID: 39866814
Thank you - great help - just a info - only commenting first line did the t rick
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you use Debian 6 Squeeze and you are tired of looking at the childish graphical GDM login screen that is used by default, here's an easy way to change it. If you've already tried to change it you've probably discovered that none of the old met…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question