• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

The Geek Diary

CONCEPTS | BASICS | HOWTO

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • Linux Services
    • VCS
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
    • Data Guard
  • DevOps
    • Docker
    • Shell Scripting
  • Interview Questions
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

How to configure CentOS/RHEL 6 system to not used last 3 passwords used

By admin

Question: How to change the password policy on a system so that a user cannot choose any of the last 3 passwords previously used?

1. Make sure that the file /etc/security/opasswd has the default permission (600).

# ls -l /etc/security/opasswd
-rw------- 1 root root 116 Sep 8 14:52 /etc/security/opasswd

2. Ensure you backup the file /etc/pam.d/system-auth:

# cp /etc/pam.d/system-auth /etc/pam.d/system-auth.old

3. Modify the file /etc/pam.d/system-auth in vi editor and change the line containing:

password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok

as:

password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok remember=3

4. Save and quit the editor (:wq!).

5. Then login as any non-root user and try changing the passwd using the passwd command, if you use the previous old password it will throw an error that “Password has been already used. Choose another.”

$ passwd
Changing password for user test.
Changing password for test.
(current) UNIX password:
New password:
Retype new password:
Password has been already used. Choose another.
Password:

Filed Under: CentOS/RHEL 6, Linux, OEL 6

Some more articles you might also be interested in …

  1. Basic Master Cups Server and Clients Configuration for Browsing in CentOS/RHEL 7
  2. Understanding The /proc File System
  3. CentOS / RHEL : How to find free space in a Volume Group in LVM
  4. How To Customize The Screensaver Options In Gnome on CentOS/RHEL 7
  5. How to change the default IP address of docker bridge
  6. Manual Changes Made To /etc/hosts Or /etc/sysconfig/network-scripts/ifcfg-* Are Lost
  7. How to disable a specific command for a specific user in Linux
  8. Sample /etc/mke2fs.conf file
  9. How to rename a KVM VM with virsh
  10. How To Check Swap Usage of Each Processes in Linux

You May Also Like

Primary Sidebar

Recent Posts

  • How to Disable IPv6 on Ubuntu 18.04 Bionic Beaver Linux
  • How to Capture More Logs in /var/log/dmesg for CentOS/RHEL
  • Unable to Start RDMA Services on CentOS/RHEL 7
  • How to rename a KVM VM with virsh
  • Archives
  • Contact Us
  • Copyright

© 2021 · The Geek Diary