Linux 密码安全设置

• /etc/login.defs

#       PASS_MAX_DAYS   Maximum number of days a password may be used.#       PASS_MIN_DAYS   Minimum number of days allowed between password changes.#       PASS_MIN_LEN    Minimum acceptable password length.#       PASS_WARN_AGE   Number of days warning given before a password expires.

---

• /etc/pam.d/system-auth

#%PAM-1.0# This file is auto-generated.# User changes will be destroyed the next time authconfig is run.auth        required      pam_env.soauth        sufficient    pam_unix.so try_first_pass nullokauth        required      pam_deny.soaccount     required      pam_unix.sopassword    requisite     pam_cracklib.so try_first_pass retry=3 type=password    sufficient    pam_unix.so try_first_pass use_authtok nullok sha512 shadowpassword    required      pam_deny.sosession     optional      pam_keyinit.so revokesession     required      pam_limits.sosession     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uidsession     required      pam_unix.sopassword  requisite pam_cracklib.so retry=5  difok=3 minlen=10 ucredit=-1 lcredit=-3 dcredit=-3 dictpath=/usr/share/cracklib/pw_dict参数含义：尝试次数：5    最少不同字符：3       最小密码长度：10          最少大写字母：1       最少小写字母：3        最少数字：3        密码字典：/usr/share/cracklib/pw_dict

参考:
https://linux.cn/article-2518-1.html