|
#
|
|
# /etc/pam.d/common-password - password-related modules common to all services
|
|
#
|
|
# This file is included from other service-specific PAM config files,
|
|
# and should contain a list of modules that define the services to be
|
|
#used to change user passwords. The default is pam_unix
|
|
|
|
# The "nullok" option allows users to change an empty password, else
|
|
# empty passwords are treated as locked accounts.
|
|
#
|
|
# (Add `md5' after the module name to enable MD5 passwords)
|
|
#
|
|
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
|
|
# login.defs. Also the "min" and "max" options enforce the length of the
|
|
# new password.
|
|
|
|
password required pam_unix.so nullok obscure min=4 max=8 md5
|
|
|
|
# Alternate strength checking for password. Note that this
|
|
# requires the libpam-cracklib package to be installed.
|
|
# You will need to comment out the password line above and
|
|
# uncomment the next two in order to use this.
|
|
# (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
|
|
#
|
|
# password required pam_cracklib.so retry=3 minlen=6 difok=3
|
|
# password required pam_unix.so use_authtok nullok md5
|
|
|