We are running RedHat AS 3.0 (64bit). I am trying to tighten things up, starting with the passwords.
Using this link as a guide:
I've edited /etc/login.defs, and /etc/default/useradd. That all works.
However, when I edit /etc/pam.d/system-auth, and add the minlen=8 parameter to the pam_cracklib.so, it doesn't seem to take.
The author references that pam_cracklib modules might need to be patched.
Is that what is happening here?
Should be no need to patch. Make sure you also use the negative values for upper, lower, other symbol etc. Otherwise they are treated as credits toward the 8, reducing the total number of characters needed for the password. Also, make sure you are a regular user when testing.
I tried the same thing on an FC5 box. by adding only minlen=8, I could not make it work, but adding the following, along with minlen=8 worked better.
Code:lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1