Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[gentoo-user] forcing Gentoo to accept simple password
707 views
Skip to first unread message
the...@sys-concept.com
Feb 6, 2021, 5:20:03 PM2/6/21
to
What changing one need to make to force gentoo log-in to accept simple password.
The system is not a high security risk so I have no need for a sophisticated password.
I think it has to do something with file: /etc/pam.d/system-auth
Here is an old one:
auth required pam_env.so
auth required pam_unix.so try_first_pass likeauth nullok
auth optional pam_permit.so
account required pam_unix.so
account optional pam_permit.so
password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow
password optional pam_permit.so
session required pam_limits.so
session required pam_env.so
session required pam_unix.so
session optional pam_permit.so
and a new one:
auth required pam_env.so
auth requisite pam_faillock.so preauth
auth [success=1 default=ignore] pam_unix.so nullok try_first_pass
auth [default=die] pam_faillock.so authfail
auth optional pam_permit.so
account required pam_unix.so
account required pam_faillock.so
account optional pam_permit.so
password required pam_passwdqc.so config=/etc/security/passwdqc.conf
password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow
password optional pam_permit.so
session required pam_limits.so
session required pam_env.so
session required pam_unix.so
session optional pam_permit.so
The system is not a high security risk so I have no need for a sophisticated password.
I think it has to do something with file: /etc/pam.d/system-auth
Here is an old one:
auth required pam_env.so
auth required pam_unix.so try_first_pass likeauth nullok
auth optional pam_permit.so
account required pam_unix.so
account optional pam_permit.so
password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow
password optional pam_permit.so
session required pam_limits.so
session required pam_env.so
session required pam_unix.so
session optional pam_permit.so
and a new one:
auth required pam_env.so
auth requisite pam_faillock.so preauth
auth [success=1 default=ignore] pam_unix.so nullok try_first_pass
auth [default=die] pam_faillock.so authfail
auth optional pam_permit.so
account required pam_unix.so
account required pam_faillock.so
account optional pam_permit.so
password required pam_passwdqc.so config=/etc/security/passwdqc.conf
password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow
password optional pam_permit.so
session required pam_limits.so
session required pam_env.so
session required pam_unix.so
session optional pam_permit.so
David Haller
Feb 7, 2021, 5:10:05 AM2/7/21
to
Hello,
On Sat, 06 Feb 2021, the...@sys-concept.com wrote:
>What changing one need to make to force gentoo log-in to accept
>simple password. The system is not a high security risk so I have no
>need for a sophisticated password.
>I think it has to do something with file: /etc/pam.d/system-auth
[..]
>password required pam_passwdqc.so config=/etc/security/passwdqc.conf
Uninstall sys-auth/passwdqc... From it's manpage:
====
DESCRIPTION
The pam_passwdqc module is a simple password strength checking
module for PAM.
====
You need to remove the 'passwdqc' USE flag from sys-auth/pambase, else
it'll get pulled in again.
HTH,
-dnh
--
Linux is not a desktop OS for people whose VCRs are still
flashing "12:00". -- Paul Tomblin
On Sat, 06 Feb 2021, the...@sys-concept.com wrote:
>What changing one need to make to force gentoo log-in to accept
>simple password. The system is not a high security risk so I have no
>need for a sophisticated password.
>I think it has to do something with file: /etc/pam.d/system-auth
>password required pam_passwdqc.so config=/etc/security/passwdqc.conf
Uninstall sys-auth/passwdqc... From it's manpage:
====
DESCRIPTION
The pam_passwdqc module is a simple password strength checking
module for PAM.
====
You need to remove the 'passwdqc' USE flag from sys-auth/pambase, else
it'll get pulled in again.
HTH,
-dnh
--
Linux is not a desktop OS for people whose VCRs are still
flashing "12:00". -- Paul Tomblin
the...@sys-concept.com
Feb 7, 2021, 1:40:04 PM2/7/21
to
On 2/7/21 2:58 AM, David Haller wrote:
> Hello,
>
> On Sat, 06 Feb 2021, the...@sys-concept.com wrote:
>> What changing one need to make to force gentoo log-in to accept
>> simple password. The system is not a high security risk so I have no
>> need for a sophisticated password.
>
>> I think it has to do something with file: /etc/pam.d/system-auth
> [..]
>> password required pam_passwdqc.so config=/etc/security/passwdqc.conf
>
> Uninstall sys-auth/passwdqc... From it's manpage:
>
> ====
> DESCRIPTION
> The pam_passwdqc module is a simple password strength checking
> module for PAM.
> ====
>
> You need to remove the 'passwdqc' USE flag from sys-auth/pambase, else
> it'll get pulled in again.
>
> HTH,
> -dnh
Thank you, that worked!
> Hello,
>
> On Sat, 06 Feb 2021, the...@sys-concept.com wrote:
>> What changing one need to make to force gentoo log-in to accept
>> simple password. The system is not a high security risk so I have no
>> need for a sophisticated password.
>
>> I think it has to do something with file: /etc/pam.d/system-auth
> [..]
>> password required pam_passwdqc.so config=/etc/security/passwdqc.conf
>
> Uninstall sys-auth/passwdqc... From it's manpage:
>
> ====
> DESCRIPTION
> The pam_passwdqc module is a simple password strength checking
> module for PAM.
> ====
>
> You need to remove the 'passwdqc' USE flag from sys-auth/pambase, else
> it'll get pulled in again.
>
> HTH,
> -dnh
unmerging "sys-auth/passwdqc" and compile "sys-auth/pambase" without "passwdqc" solved the problem
0 new messages