Академический Документы
Профессиональный Документы
Культура Документы
useradd jane
passwd jane
The passwd command is used to create the password for each user. Users forget their
passwords. Often the administrator will be expected to reset those passwords. Looking up
passwords is not a possibility because they are encrypted in storage. A new password must be
created with the passwd command.
passwd john
Password Control
The command usermod can be used to create several password aging attributes. Here are several
options:
Modify an account.
sudo usermod -e 05/01/2011 jane
The modified /etc/shadow shows the change to jane’s account.
jane:
$6$K0Y7yctA$kk2cxELHsfbDX4WMm4/XPMmuluzZoYMpTpzr7Um/E06iLO1xuyDtmgR7jk
ROwR 0iuWF65p7XEmpmCsHpPBmKP0:14769:0:99999:7::15095:
Check Password
The command chage -l can be used to show the status of a user’s password protection. Let’s say
you wanted to check the status of jane’s password.
chage -l jane
Last password change : Jun 09, 2010
Password expires : never
Password inactive : never
Account expires : May 01, 2011
Minimum number of days between password change :0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
Choosing the correct password, as well as informing and enforcing password security for users is
an important task for the administrator. Security is built upon passwords, so close attention
should be paid to making passwords an effective tool in security.
These five aspects are critical because software programs can employ “brute force” tactics to try
to guess passwords on your network. Using the five aspects above will make it more difficult to
crack your passwords. Security usually begins with most systems at the user level. One of the
most important aspects of user security is the user password. A lot of security can go down the
drain with poor passwords that can be easily cracked. Several important elements of a user
password are length of the password, randomness and the forced creation of new passwords at
regular intervals. Most users resist all of these elements.
The length of a password is directly proportional to the ease at which it could be cracked. As a
result all passwords should be at least 8 characters long. In addition, passwords should not be
based on dictionary words, they should be random. It is easier to crack passwords based on
dictionary words as cracking programs typically start with dictionary strings. One way to make
secure passwords is to create passwords from phrases that are common to you. For example in
the phrase ” I live at 101 Maple Street in Phoenix Arizona,” could be turned into the password
Ila101MiPA
This is a password built on the first letter of each word to create a secure password. Remember
Linux is case sensitive.
Password Management allows you to force changes in the password or have the account be
automatically disabled in a period of time. It is a good idea to force users to change their
passwords at regular intervals. Of course this is even more important for administrator’s to do as
well. The downside to this is that users forget their passwords if forced to change often making
possibly a worse situation.