On my 11.0-RELEASE-p15 system, I've enabled pam_passwdc.so in /etc/pam.d/passwd. (I just uncommented the line, no other settings were changed.) I then created a "testuser" user, and gave it a sufficiently complex password. Logging in as that user and trying to change my password using the
I then expired the password with
When I then logged into the "testuser" account, it asked for a new password, as it should. But it accepted any password at all (including null!) as a valid new password. (And I wasn't allowed to then change the empty password because
I'm assuming I have to make some other change within the PAM configuration files, but I can't figure out what. Any thoughts would be appreciated.
passwd
command to "12345qaz" yields the following (expected) results:
Code:
Weak password: not enough different characters or classes for this length.
Try again.
pw usermod -n testuser -p +0
When I then logged into the "testuser" account, it asked for a new password, as it should. But it accepted any password at all (including null!) as a valid new password. (And I wasn't allowed to then change the empty password because
passwd
wouldn't accept the empty password as the old password.)I'm assuming I have to make some other change within the PAM configuration files, but I can't figure out what. Any thoughts would be appreciated.