Re: Passwd ou pas passwd
CoolFox a écrit :
|>>>> existe t-il un moyen sur Debian de rendre la connexion impossible
|>>>> si un passwd unix n'est pas attribué à l'user ?
|>>>> C'est le cas sur fedora
Regarde du coté de PAM (Pluggable Authentication Module)
Voila j'ai 2 fichiers, l'un de Fedora /etc/pam.d/passwd :
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
et l'autre Debian, /etc/pam.d/common-passwd :
# /etc/pam.d/common-password - password-related modules common to all
services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define the services to be
#used to change user passwords. The default is pam_unix
# The "nullok" option allows users to change an empty password, else
# empty passwords are treated as locked accounts.
#
# (Add `md5' after the module name to enable MD5 passwords)
#
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
# login.defs. Also the "min" and "max" options enforce the length of the
# new password.
password required pam_unix.so nullok obscure min=4 max=8 md5
# Alternate strength checking for password. Note that this
# requires the libpam-cracklib package to be installed.
# You will need to comment out the password line above and
# uncomment the next two in order to use this.
# (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
#
# password required pam_cracklib.so retry=3 minlen=6 difok=3
# password required pam_unix.so use_authtok nullok md5
Sont-ce bien les fichiers à modifier? il y en a tellement dans /pam.d
Et quelles modif apporter?
Reply to: