64 lines
2.1 KiB
Plaintext
64 lines
2.1 KiB
Plaintext
# Configuration for systemwide password quality limits
|
|
# Defaults:
|
|
#
|
|
# Number of characters in the new password that must not be present in the
|
|
# old password.
|
|
# difok = 1
|
|
#
|
|
# Minimum acceptable size for the new password (plus one if
|
|
# credits are not disabled which is the default). (See pam_cracklib manual.)
|
|
# Cannot be set to lower value than 6.
|
|
# minlen = 8
|
|
#
|
|
# The maximum credit for having digits in the new password. If less than 0
|
|
# it is the minimum number of digits in the new password.
|
|
# dcredit = 0
|
|
#
|
|
# The maximum credit for having uppercase characters in the new password.
|
|
# If less than 0 it is the minimum number of uppercase characters in the new
|
|
# password.
|
|
# ucredit = 0
|
|
#
|
|
# The maximum credit for having lowercase characters in the new password.
|
|
# If less than 0 it is the minimum number of lowercase characters in the new
|
|
# password.
|
|
# lcredit = 0
|
|
#
|
|
# The maximum credit for having other characters in the new password.
|
|
# If less than 0 it is the minimum number of other characters in the new
|
|
# password.
|
|
# ocredit = 0
|
|
#
|
|
# The minimum number of required classes of characters for the new
|
|
# password (digits, uppercase, lowercase, others).
|
|
# minclass = 0
|
|
#
|
|
# The maximum number of allowed consecutive same characters in the new password.
|
|
# The check is disabled if the value is 0.
|
|
# maxrepeat = 0
|
|
#
|
|
# The maximum number of allowed consecutive characters of the same class in the
|
|
# new password.
|
|
# The check is disabled if the value is 0.
|
|
# maxclassrepeat = 0
|
|
#
|
|
# Whether to check for the words from the passwd entry GECOS string of the user.
|
|
# The check is enabled if the value is not 0.
|
|
# gecoscheck = 0
|
|
#
|
|
# Whether to check for the words from the cracklib dictionary.
|
|
# The check is enabled if the value is not 0.
|
|
dictcheck = 0
|
|
#
|
|
# Whether to check if it contains the user name in some form.
|
|
# The check is enabled if the value is not 0.
|
|
# usercheck = 1
|
|
#
|
|
# Whether the check is enforced by the PAM module and possibly other
|
|
# applications.
|
|
# The new password is rejected if it fails the check and the value is not 0.
|
|
# enforcing = 1
|
|
#
|
|
# Path to the cracklib dictionaries. Default is to use the cracklib default.
|
|
# dictpath =
|