Guided Exercise: Configuring Password Quality Requirements

Configure password complexity requirements that PAM enforces when passwords are changed.

Outcomes

  • Review and adjust password quality requirements by configuring the /etc/security/pwquality.conf file.

As the student user on the workstation machine, use the lab command to prepare your environment for this exercise, and to ensure that all required resources are available.

[student@workstation ~]$ lab start pam-configuring

Instructions

  1. Set the password policy on the serverc machine to require a password of at least 12 characters that include at least one symbol and one digit.

    1. Log in to the serverc machine as the student user. No password is required.

      [student@workstation ~]$ ssh student@serverc
      [student@serverc ~]$
    2. Use the sudo -i command to change to the root user. Use student as the sudo password.

      [student@serverc ~]$ sudo -i
      [sudo] password for student: student
      [root@serverc ~]#
    3. Use a text editor to modify the /etc/security/pwquality.conf file to require a minimum password length of 12 characters, a minimum of one digit, and a minimum of one special character. Read through the options in the file to learn what each setting controls. A negative credit value sets the minimum number of characters of that class that the password must contain. Uncomment and modify the lines to match the following output:

      minlen = 12
      dcredit = -1
      ocredit = -1
  2. Verify that the new requirements are enforced by trying to set the student user password to each of the following values:

    • alpha42numeric should not work (2 digits, 14 characters, but no symbol)

    • symbol+1digit should work (1 symbol, 1 digit, and 13 characters)

    1. Log out of the root account.

      [root@serverc ~]# logout
      [student@serverc ~]$
    2. Use the passwd command to set the password for the student user.

      [student@serverc ~]$ passwd
      Changing password for user student.
      Current password: student
      New password: alpha42numeric
      BAD PASSWORD: The password contains less than 1 non-alphanumeric characters
      passwd: Authentication token manipulation error
      [student@serverc ~]$ passwd
      Changing password for user student.
      Current password: student
      New password: symbol+1digit
      Retype new password: symbol+1digit
      passwd: all authentication tokens updated successfully.
      [student@serverc ~]$
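    3. Use the sudo -i command to become the root user again, and change the password for the student user back to student. If the sudo command prompts for a password, then use the new one. The root user is not bound by the password quality rules by default, so the passwd command prints a BAD PASSWORD warning but still accepts the password.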

      [student@serverc ~]$ sudo -i
      [sudo] password for student: symbol+1digit
      [root@serverc ~]# passwd student
      Changing password for user student.
      New password: student
      BAD PASSWORD: The password contains less than 1 digits
      Retype new password: student
      passwd: all authentication tokens updated successfully.
      [root@serverc ~]#
    4. Return to the workstation machine.

      [root@serverc ~]# logout
      [student@serverc ~]$ logout
      [student@workstation ~]$
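
Added example, not part of the original exercise: a POSIX shell check that reads a pwquality.conf-style file and confirms that the three settings from step 1 are active, which catches a line that was edited but left commented out. The function names and the sample files are constructed for illustration, and the script assumes that a later uncommented line overrides an earlier one.

```shell
#!/bin/sh
# Added example: audit a pwquality.conf-style file for the exercise policy.

# Print the effective value of key $1 in file $2. Commented-out lines are
# skipped; assumption: a later uncommented line overrides an earlier one.
pwq_get() {
    awk -F= -v k="$1" '
        /^[ \t]*#/ { next }
        { name = $1; gsub(/[ \t]/, "", name)
          if (name == k) { val = $2; gsub(/[ \t]/, "", val); found = 1 } }
        END { if (found) print val; else exit 1 }
    ' "$2"
}

# True if $1 is an integer and "$1 $2 $3" holds (for example: -1 -le -1).
int_cmp() {
    case $1 in ''|-|*[!0-9-]*|?*-*) return 1 ;; esac
    [ "$1" "$2" "$3" ]
}

# Check one setting: file, key, test operator, bound.
pwq_require() {
    v=$(pwq_get "$2" "$1") || v=unset
    int_cmp "$v" "$3" "$4" && return 0
    echo "FAIL: $2 is $v, need $3 $4"
    return 1
}

# Exercise policy: minlen >= 12, and at least one digit and one symbol.
# A negative credit is a required minimum count of that character class.
pwq_check_policy() {
    rc=0
    pwq_require "$1" minlen  -ge 12 || rc=1
    pwq_require "$1" dcredit -le -1 || rc=1
    pwq_require "$1" ocredit -le -1 || rc=1
    return "$rc"
}

# Constructed sample files, not copied from a real system.
demo_dir=$(mktemp -d)
printf '%s\n' '# minlen = 8' '# dcredit = 0' '# ocredit = 0' > "$demo_dir/stock.conf"
printf '%s\n' 'minlen = 12' 'dcredit = -1' '# ocredit = 0' 'ocredit = -1' \
    > "$demo_dir/exercise.conf"

pwq_check_policy "$demo_dir/stock.conf" || echo "stock.conf: policy not enforced"
pwq_check_policy "$demo_dir/exercise.conf" && echo "exercise.conf: policy enforced"
```

To audit the file from the exercise, call pwq_check_policy /etc/security/pwquality.conf on the serverc machine after step 1.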

Finish

On the workstation machine, use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish pam-configuring

Revision: rh415-9.2-a821299