aboutsummaryrefslogtreecommitdiff
path: root/local/common-password
diff options
context:
space:
mode:
Diffstat (limited to 'local/common-password')
-rw-r--r--local/common-password19
1 files changed, 13 insertions, 6 deletions
diff --git a/local/common-password b/local/common-password
index 9025f6b0..45959eb5 100644
--- a/local/common-password
+++ b/local/common-password
@@ -2,19 +2,26 @@
# /etc/pam.d/common-password - password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
-# and should contain a list of modules that define the services to be
-#used to change user passwords. The default is pam_unix
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+# Explanation of pam_unix options:
+#
# The "nullok" option allows users to change an empty password, else
# empty passwords are treated as locked accounts.
#
-# (Add `md5' after the module name to enable MD5 passwords)
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
#
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
-# login.defs. Also the "min" and "max" options enforce the length of the
-# new password.
+# login.defs.
+#
+# You can also use the "min" option to enforce the length of the new
+# password.
+#
+# See the pam_unix manpage for other options.
-password required pam_unix.so nullok obscure min=4 max=8 md5
+password required pam_unix.so nullok obscure md5
# Alternate strength checking for password. Note that this
# requires the libpam-cracklib package to be installed.
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-20 16:26:18 +0000