In /etc/security/user, we have
default:
admin = false
login = true
su = false
daemon = true
rlogin = true
. . .
minage = 1
maxage = 8
mindiff = 3
maxrepeats = 2
dictionlist =
pwdchecks =
oracle:
minage = 0
maxage = 0
infrauser1:
minage = 0
maxage = 0
sshuser:
admin = false
maxage = 0
infrauser2:
minage = 0
maxage = 0
Q1:
For infrauser1 & 2, shouldn't the minage=1 & maxage=8 to match with the default & security best practice?
Q2:
with min & maxage=0, for these 2 infra users, do these settings override the system default's minage=1 & maxage=8 ?
Q3:
For oracle account, what's the best/secure practice out there? min & maxage=0 ?
Q4:
for sshuser used to do sftp, what's the best/secure practice out there? min & maxage=0 ?
Our community of experts have been thoroughly vetted for their expertise and industry experience.