January 2018
Intermediate to advanced
376 pages
8h 45m
English
Content preview from Mastering Linux Security and Hardening
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Installing and configuring pwquality
We'll be using the pwquality module for PAM (Pluggable Authentication Module). This is a newer technology that has replaced the old cracklib module. On a Red Hat 7 or CentOS 7 system, pwquality is installed by default, even if you do a minimal installation. If you cd into the /etc/pam.d directory, you can do a grep operation to see that the PAM configuration files are already set up. The retry=3 means that a user will only have three tries to get the password right when logging into the system:
[donnie@localhost pam.d]$ grep 'pwquality' *password-auth:password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=password-auth-ac:password requisite pam_pwquality.so try_first_pass ...