summaryrefslogtreecommitdiff
path: root/debian/local/common-password
diff options
context:
space:
mode:
Diffstat (limited to 'debian/local/common-password')
-rw-r--r--debian/local/common-password34
1 files changed, 34 insertions, 0 deletions
diff --git a/debian/local/common-password b/debian/local/common-password
new file mode 100644
index 00000000..45959eb5
--- /dev/null
+++ b/debian/local/common-password
@@ -0,0 +1,34 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "nullok" option allows users to change an empty password, else
+# empty passwords are treated as locked accounts.
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# You can also use the "min" option to enforce the length of the new
+# password.
+#
+# See the pam_unix manpage for other options.
+
+password required pam_unix.so nullok obscure md5
+
+# Alternate strength checking for password. Note that this
+# requires the libpam-cracklib package to be installed.
+# You will need to comment out the password line above and
+# uncomment the next two in order to use this.
+# (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
+#
+# password required pam_cracklib.so retry=3 minlen=6 difok=3
+# password required pam_unix.so use_authtok nullok md5
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 08:41:49 +0000