• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

How to configure CentOS/RHEL 6 system to not used last 3 passwords used

by admin

Question: How to change the password policy on a system so that a user cannot choose any of the last 3 passwords previously used?

1. Make sure that the file /etc/security/opasswd has the default permission (600).

# ls -l /etc/security/opasswd
-rw------- 1 root root 116 Sep 8 14:52 /etc/security/opasswd

2. Ensure you backup the file /etc/pam.d/system-auth:

# cp /etc/pam.d/system-auth /etc/pam.d/system-auth.old

3. Modify the file /etc/pam.d/system-auth in vi editor and change the line containing:

password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok

as:

password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok remember=3

4. Save and quit the editor (:wq!).

5. Then login as any non-root user and try changing the passwd using the passwd command, if you use the previous old password it will throw an error that “Password has been already used. Choose another.”

$ passwd
Changing password for user test.
Changing password for test.
(current) UNIX password:
New password:
Retype new password:
Password has been already used. Choose another.
Password:

Filed Under: CentOS/RHEL 6, Linux, OEL 6

Some more articles you might also be interested in …

  1. How To Change Timezone for Oracle Grid Infrastructure
  2. vncserver fails with “Starting VNC server: no displays configured”
  3. How to Remove a Dead Mulitpath Device without Reboot in CentOS/RHEL
  4. gnome-screenshot: command not found
  5. runcon Command Examples in Linux
  6. htpdate : command not found
  7. loadkeys Command Examples in Linux
  8. pactree: command not found
  9. CentOS / RHEL : How to get the date and time of executed command in the history command output
  10. sudoedit: command not found

You May Also Like

Primary Sidebar

Recent Posts

  • direnv: Shell extension to load and unload environment variables depending on the current directory
  • dircolors: Output commands to set the LS_COLOR environment variable and style ls, dir, etc
  • dillo: A lightweight web browser intended for slow computers
  • dig: DNS lookup utility

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright