Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

User not able to change password on rhel

Posted on 2014-02-17
7
Medium Priority
?
5,065 Views
Last Modified: 2014-02-18
Hi all,

I know its rsiky but i need to allow User(apart from ROOT) to change password and  that too very simple no complex password policies i need for those users.

for ex.. user name : Jhon
su - jhon
passwd
abcd
abcd

jhon can assign any simple passwrod for himself . no need of root to do that.


for now error is:

[jhon@example ~]$ passwd
Changing password for user jhon.
Changing password for jhon.
(current) UNIX password:
New password:
BAD PASSWORD: it is WAY too short
New password:
BAD PASSWORD: it is WAY too short
New password:
BAD PASSWORD: it is WAY too short
^C
[jhon@example ~]$ passwd
Changing password for user jhon.
Changing password for jhon.
(current) UNIX password:
New password:
BAD PASSWORD: it is based on a dictionary word

please help
0
Comment
Question by:apunkabollywood
  • 4
  • 3
7 Comments
 

Author Comment

by:apunkabollywood
ID: 39864272
Example 2:

Example:

Here I created a account test3 and set the password t, and the password is accepted

[root@localhost ~]# useradd test3
[root@localhost ~]# passwd test3

Changing password for user test3.
New password:
BAD PASSWORD: it is WAY too short
BAD PASSWORD: is a palindrome
Retype new password:

passwd: all authentication tokens updated successfully.
But when it comes to regular user-mode it is very difficult change a password. Check this example

[avi@localhost ~]$ su - test3
Password:

[test3@localhost ~]$ passwd
Changing password for user test3.
Changing password for test3.
(current) UNIX password:
New password:
BAD PASSWORD: it is based on a dictionary word
Password:

passwd: Authentication token manipulation error
I logged into that account and tried to change the password, but this time it not taking simple password, I just knew that its because of pam (Pluggable authentication module ie: /etc/pam.d/)

What changes I do to set any password from regular user? Like being root if we give any password it will accept even single character also. I want that method in user-mode also

I know it's crazy but I want to learn that's it. I am using CentOS 6.2
0
 
LVL 5

Expert Comment

by:Dave Gould
ID: 39864380
Check the file /etc/login.defs
There is a parameter PASS_MIN_LEN

You might also want to look at the file /etc/pam.d/system-auth and look for a line that resembles this : password requisite pam_cracklib.so try_first_pass retry=3 minlen=14 ucredit=-1 dcredit=-1 ocredit=-1 lcredit=-1

You can find an interesting article on the subject here:
http://www.itworld.com/endpoint-security/275056/how-enforce-password-complexity-linux
0
 

Author Comment

by:apunkabollywood
ID: 39864461
All thing works but for root not for the regular users :(
0
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

 
LVL 5

Expert Comment

by:Dave Gould
ID: 39864472
Have you tried modifying the parameters in the files mentionned?
0
 

Author Comment

by:apunkabollywood
ID: 39864482
Yes all combinations all ready - but i fails whenver trying with regular user - it just says simple password or bad password thats it - and after few times it locks
0
 
LVL 5

Accepted Solution

by:
Dave Gould earned 2000 total points
ID: 39864619
Try this
Comment all the three lines

 # password requisite pam_cracklib.so try_first_pass retry=3
 # password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
 # password required pam_deny.so
 
Add this line

 password sufficient /lib/security/$ISA/pam_unix.so nullok md5 shadow
 
Make sure that you keep a login session open and test from another session. This way you will not lock yourself out
0
 

Author Closing Comment

by:apunkabollywood
ID: 39866814
Thank you - great help - just a info - only commenting first line did the t rick
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month12 days, 17 hours left to enroll

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question