====== User Passwort Richtlinie ======
\\
===== Unter RHEL und co =====
<code>
vim /etc/pam.d/system-auth
</code>
**Ändern von**
<code>
password    requisite     pam_cracklib.so try_first_pass retry=3 type=
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok
</code>

\\

**Auf** 
<code>
password    requisite     pam_cracklib.so try_first_pass retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 difok=3
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=10
</code>

----

===== Unter Debian und co =====
**Cracklib Installieren**
<code>
apt-get install libcrack2 libpam-cracklib
</code>

\\

**Ändern von**
<code>
password        required                        pam_permit.so
</code>

\\

**Auf**
<code>
password   required     pam_cracklib.so retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 
</code>

----

**Erklärung**
  * minlen=9 the minimum password length
  * lcredit=-1 minimum of 1 lowercase
  * ucredit=-1 minimum 1 uppercase
  * dcredit=-1 minimum 1 decimal character (number)
  * ocredit=-1 minimum 1 special character (punctuation etc)
  * difok=3 enforces no less than 3 character difference between password changes.
  * remember=10 remembers the last 10 password changes so they can't be repeated.