lnorg/documentation
1
2
Fork 0
Code Issues 30 Pull requests Projects 6 Activity

Updated PAM section

Browse source
This commit is contained in:
Tastatur 2023-12-29 17:22:44 +01:00
parent 1d69902909
commit a6026d027f
1 changed files with 4 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
docs/alpine-desktop-setup/post-install/security.md
View file

@ -158,21 +158,16 @@ auth optional pam_faildelay.so delay=5000000
Which will add a 5 second delay between login attempts. Which will add a 5 second delay between login attempts.
The system can also enforce strong passwords with PAM with `libpwquality` which has to be installed first: The system can also enforce a stronger hash algorithm for a more secure login protector. Edit the file `/etc/pam.d/passwd` and add the line:
``` ```
# apk add libpwquality
```
Then configure `/etc/pam.d/passwd`, you can configure it to your [liking](https://madaidans-insecurities.github.io/guides/linux-hardening.html#pam), but these settings should do:
```
password required pam_pwquality.so retry=2 minlen=10 difok=0 dcredit=0 ucredit=1 lcredit=0 ocredit=0 enforce_for_root
password required pam_unix.so use_authtok sha512 shadow nullok rounds=1000000 password required pam_unix.so use_authtok sha512 shadow nullok rounds=1000000
``` ```
Then change your password so that it's also secure: Then change your password so that it's also secure:
``` ```
$ passwd # passwd <username>
``` ```
> When choosing a password make sure it's atleast like 8 characters long.