ALL,
Using RHEL6.
I'm trying to test my changes to the "difok" parameter. I'm starting with the default value of 4 and then will change it to the one we require.
The line in the /etc/pam.d/system-auth looks like this:
password requisite pam_cracklib.so try_first_pass retry=3 type= minlen=1 difok=4 maxrepeat=3
And so I'm trying to change the password from "abcd2" to "fhim3" (those are just test passwords with the length of 5 characters). As you can see I'm changing more than 4 characters and the length of the new password is greater than 1 (minlen parameter).
Still after typing the new password I'm getting the BAD PASSWORD: password is too short message.
Trying to Google I see people are saying that minimum required length for the password is 6 on the RHEL. Is this what stopping the change? If it is – can I overwrite the default? If not – what am I missing?
This is for the regular user and not a root.
NB: The default password is forced into the system when we set it up.
NB2: The minlen parameter in the line above is overwritten by me to test. Actual value is bigger.
Best Answer
Apparently, you can't set the
minlenparameters to1...manpage for pam_cracklib