[TriLUG] PAM /etc/passwd question

Kevin Hunter khunter at rhoworld.com
Wed Mar 6 14:33:33 EST 2002


Ok, no one laugh.  Remember new guy trying to learn t/d things right
typing here.  I took a tip from industrial-linux.org re: pam and
password authentication/changing.  However, I think I've left one
line in that should be removed.  PAM is still a little fuzzy to me.
My original /etc/pam.d/passwd file is :

#%PAM-1.0
auth       required     /lib/security/pam_stack.so
service=system-auth
account    required     /lib/security/pam_stack.so
service=system-auth
password   required     /lib/security/pam_stack.so
service=system-auth

I changed it to the following to support md5 and to force changes of
passwords to something unique.

#%PAM-1.0
auth       required     /lib/security/pam_stack.so
service=system-auth
account    required     /lib/security/pam_stack.so
service=system-auth
password   required     /lib/security/pam_stack.so
service=system-auth

# These lines added to allow support of md5 passwords

password   required     /lib/security/pam_cracklib.so minlen=8
difok=3
password   required     /lib/security/pam_pwdb.so use_authtok nullok
md5


However, I think I need to remove the "pam_stack" line b/c when I
change a password, I get prompted twice, once w/ "New Password" and
once w/ "New UNIX Password".

Am I on track?

Thx!

KH




More information about the TriLUG mailing list