Solved

User not able to change password on rhel

Posted on 2014-02-17
7
4,583 Views
Last Modified: 2014-02-18
Hi all,

I know its rsiky but i need to allow User(apart from ROOT) to change password and  that too very simple no complex password policies i need for those users.

for ex.. user name : Jhon
su - jhon
passwd
abcd
abcd

jhon can assign any simple passwrod for himself . no need of root to do that.


for now error is:

[jhon@example ~]$ passwd
Changing password for user jhon.
Changing password for jhon.
(current) UNIX password:
New password:
BAD PASSWORD: it is WAY too short
New password:
BAD PASSWORD: it is WAY too short
New password:
BAD PASSWORD: it is WAY too short
^C
[jhon@example ~]$ passwd
Changing password for user jhon.
Changing password for jhon.
(current) UNIX password:
New password:
BAD PASSWORD: it is based on a dictionary word

please help
0
Comment
Question by:apunkabollywood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:apunkabollywood
ID: 39864272
Example 2:

Example:

Here I created a account test3 and set the password t, and the password is accepted

[root@localhost ~]# useradd test3
[root@localhost ~]# passwd test3

Changing password for user test3.
New password:
BAD PASSWORD: it is WAY too short
BAD PASSWORD: is a palindrome
Retype new password:

passwd: all authentication tokens updated successfully.
But when it comes to regular user-mode it is very difficult change a password. Check this example

[avi@localhost ~]$ su - test3
Password:

[test3@localhost ~]$ passwd
Changing password for user test3.
Changing password for test3.
(current) UNIX password:
New password:
BAD PASSWORD: it is based on a dictionary word
Password:

passwd: Authentication token manipulation error
I logged into that account and tried to change the password, but this time it not taking simple password, I just knew that its because of pam (Pluggable authentication module ie: /etc/pam.d/)

What changes I do to set any password from regular user? Like being root if we give any password it will accept even single character also. I want that method in user-mode also

I know it's crazy but I want to learn that's it. I am using CentOS 6.2
0
 
LVL 5

Expert Comment

by:Dave Gould
ID: 39864380
Check the file /etc/login.defs
There is a parameter PASS_MIN_LEN

You might also want to look at the file /etc/pam.d/system-auth and look for a line that resembles this : password requisite pam_cracklib.so try_first_pass retry=3 minlen=14 ucredit=-1 dcredit=-1 ocredit=-1 lcredit=-1

You can find an interesting article on the subject here:
http://www.itworld.com/endpoint-security/275056/how-enforce-password-complexity-linux
0
 

Author Comment

by:apunkabollywood
ID: 39864461
All thing works but for root not for the regular users :(
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 5

Expert Comment

by:Dave Gould
ID: 39864472
Have you tried modifying the parameters in the files mentionned?
0
 

Author Comment

by:apunkabollywood
ID: 39864482
Yes all combinations all ready - but i fails whenver trying with regular user - it just says simple password or bad password thats it - and after few times it locks
0
 
LVL 5

Accepted Solution

by:
Dave Gould earned 500 total points
ID: 39864619
Try this
Comment all the three lines

 # password requisite pam_cracklib.so try_first_pass retry=3
 # password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
 # password required pam_deny.so
 
Add this line

 password sufficient /lib/security/$ISA/pam_unix.so nullok md5 shadow
 
Make sure that you keep a login session open and test from another session. This way you will not lock yourself out
0
 

Author Closing Comment

by:apunkabollywood
ID: 39866814
Thank you - great help - just a info - only commenting first line did the t rick
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Disabling security updates Ubuntu 3 66
Krita v3 Linux Mint/Ubuntu 16.04 9 74
AWS Linux EC2 question on group 7 87
Linux Server mapping drive using SSH key 9 51
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question