• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5542
  • Last Modified:

User not able to change password on rhel

Hi all,

I know its rsiky but i need to allow User(apart from ROOT) to change password and  that too very simple no complex password policies i need for those users.

for ex.. user name : Jhon
su - jhon
passwd
abcd
abcd

jhon can assign any simple passwrod for himself . no need of root to do that.


for now error is:

[jhon@example ~]$ passwd
Changing password for user jhon.
Changing password for jhon.
(current) UNIX password:
New password:
BAD PASSWORD: it is WAY too short
New password:
BAD PASSWORD: it is WAY too short
New password:
BAD PASSWORD: it is WAY too short
^C
[jhon@example ~]$ passwd
Changing password for user jhon.
Changing password for jhon.
(current) UNIX password:
New password:
BAD PASSWORD: it is based on a dictionary word

please help
0
apunkabollywood
Asked:
apunkabollywood
  • 4
  • 3
1 Solution
 
apunkabollywoodAuthor Commented:
Example 2:

Example:

Here I created a account test3 and set the password t, and the password is accepted

[root@localhost ~]# useradd test3
[root@localhost ~]# passwd test3

Changing password for user test3.
New password:
BAD PASSWORD: it is WAY too short
BAD PASSWORD: is a palindrome
Retype new password:

passwd: all authentication tokens updated successfully.
But when it comes to regular user-mode it is very difficult change a password. Check this example

[avi@localhost ~]$ su - test3
Password:

[test3@localhost ~]$ passwd
Changing password for user test3.
Changing password for test3.
(current) UNIX password:
New password:
BAD PASSWORD: it is based on a dictionary word
Password:

passwd: Authentication token manipulation error
I logged into that account and tried to change the password, but this time it not taking simple password, I just knew that its because of pam (Pluggable authentication module ie: /etc/pam.d/)

What changes I do to set any password from regular user? Like being root if we give any password it will accept even single character also. I want that method in user-mode also

I know it's crazy but I want to learn that's it. I am using CentOS 6.2
0
 
Dave GouldOnsite SupportCommented:
Check the file /etc/login.defs
There is a parameter PASS_MIN_LEN

You might also want to look at the file /etc/pam.d/system-auth and look for a line that resembles this : password requisite pam_cracklib.so try_first_pass retry=3 minlen=14 ucredit=-1 dcredit=-1 ocredit=-1 lcredit=-1

You can find an interesting article on the subject here:
http://www.itworld.com/endpoint-security/275056/how-enforce-password-complexity-linux
0
 
apunkabollywoodAuthor Commented:
All thing works but for root not for the regular users :(
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
Dave GouldOnsite SupportCommented:
Have you tried modifying the parameters in the files mentionned?
0
 
apunkabollywoodAuthor Commented:
Yes all combinations all ready - but i fails whenver trying with regular user - it just says simple password or bad password thats it - and after few times it locks
0
 
Dave GouldOnsite SupportCommented:
Try this
Comment all the three lines

 # password requisite pam_cracklib.so try_first_pass retry=3
 # password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
 # password required pam_deny.so
 
Add this line

 password sufficient /lib/security/$ISA/pam_unix.so nullok md5 shadow
 
Make sure that you keep a login session open and test from another session. This way you will not lock yourself out
0
 
apunkabollywoodAuthor Commented:
Thank you - great help - just a info - only commenting first line did the t rick
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now