vim /etc/pam.d/system-auth

Ändern von

password    requisite     pam_cracklib.so try_first_pass retry=3 type=
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok

Auf

password    requisite     pam_cracklib.so try_first_pass retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 difok=3
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=10

Cracklib Installieren

apt-get install libcrack2 libpam-cracklib

Ändern von

password        required                        pam_permit.so

Auf

password   required     pam_cracklib.so retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 

Erklärung

• minlen=9 the minimum password length
• lcredit=-1 minimum of 1 lowercase
• ucredit=-1 minimum 1 uppercase
• dcredit=-1 minimum 1 decimal character (number)
• ocredit=-1 minimum 1 special character (punctuation etc)
• difok=3 enforces no less than 3 character difference between password changes.
• remember=10 remembers the last 10 password changes so they can't be repeated.