PAM

Configure the minimum password length on Linux systems

One of the options to improve password security is by setting a minimum password length. This article explains how to configure and test this security step.

Summary of Configure the minimum password length on Linux systems

Linux and password strength One of the options to improve password security is by setting a minimum length. This prevents users from choosing easy passwords. As part of Linux system hardening, you don’t want your passwords to be cracked too quickly by modern password crackers. Configuration Let’s have a look at how to configure password security and in particular the length and its strength. Login settings The first area where you can set a password length is in /etc/login.

Read the full article…

Locking users after X failed login attempts with pam_tally2

The pam_tally2 module allows system administrators to block accounts after a number of incorrect login attempts. This guide explains how to use it with SSH.

Summary of Locking users after X failed login attempts with pam_tally2

Using pam_tally2 on Linux Most Linux distributions use pluggable authentication modules (PAM). This modular type of configuration allows system administrators to configure and fine-tune the authentication of users. It also defines the behavior on specific events, like providing an invalid user account or password. PAM can use these events to automatically take an action, like locking an account. Introduction to PAM The configuration of PAM is not that hard, but there are risks involved in the process of making changes.

Read the full article…