Re: [SLE] passwords expire by themselves

suse-list_at_fresno.edu
Date: 10/12/04

  • Next message: Mikus Grinbergs: "Re: [SLE] scsi problem" 
    Date: Tue, 12 Oct 2004 09:19:04 -0700 (PDT)
To: suse-linux-e@suse.com

    > On Thursday, 7 October 2004 11.02, Heupink, Mourik Jan C. wrote:
    >> dear list.
    >>
    >> I've sent a mail, a few days ago, and did not receive any replies... let
    >> me
    >> try again.. I'm sure some of know the issue, and are able to shed some
    >> light on it. (i had tow questions, this time i'll split the post in two
    >> seperate mails, maybe that's better..?)
    >>
    >> Anyway: I've just setup suse 9.1, ftp install. I've added some users,
    >> and
    >> and somehow, every morning when i try to logon with my (normal, no root)
    >> user id, it says: password has expired, and i have to change it.
    >> (expiration date is set to somewhere in 2010
    Is this under Security and Users in Yast? If so those should be days, not
    years
    >
    >> ... and yes, system time is
    >> current) (and it happened every morning for a week now)
    >>
    >> Could it have something to do with passwords being checked every night,
    >> and
    >> the system finding my password too weak?
    Here is a little more help:

    When you open the Security settings window, you'll have a few options for
    setting up some security on your system.

    By default it has a custom level, which you will now be setting.

    Click "Next".

    The next window has password options. At the top where it says "Checks"
    click the box that says "Checking new passwords" which will keep users
    from setting bad passwords.

    Next, in the Password Length section, you should probably raise the
    "Maximum" length up a few notches, as 8 is nothing but poor. I have mine
    set at 18, really I just added the one in front. You can also set some
    password change warnings here, which may come in handy if a lot of users
    are going to use the system. At this point you can also set a maximum
    length of time before a user needs to change there password.

    Click on "Next".

    The next section should be changed from default:

    Where it says "Boot permissions" click on the drop down box where it says
    "Reboot" and select "Ignore" so no one can just reboot your system. This
    is especially important if you're running a server.

    Under that, where it says "Automatic" you should select "Only Root". That
    way no one can just shut the system down.

    Click "Next".

    This window will ask you how to interpret certain key combinations. CNTRL
    + ALT + DELETE and such. If you your server is only for web or email leave
    these alone.

    Click "Next".

    This window allows you to set how long of a delay there is if someone logs
    in and mistypes a password, or if someone is trying to guess passwords.
    The default is 3 seconds. This can be left alone unless your seeing a lot
    of people trying to do dictionary attacks on your box. Dont make too
    drastic of changes, try making changes of 1-2 seconds at a time.

    After you have chosen your options, click on "Next".

    The next setting is for updatedb. This is run every night, and you can
    select which user runs the command. You won't be typing it if you select
    your own user name, it in fact just runs with permissions of whichever of
    the user names you tell it to run as. It will only update files in the
    database that are accessible by that user. I'd suggest leaving it at
    "Nobody". Most of the other options here should be left alone unless you
    know what you're doing.

    After you have selected what you would like here, click on the "Finish"
    button, and all the settings will be saved.

    Have a good day
    http://www.susenet.com 

    -- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com
  • Next message: Mikus Grinbergs: "Re: [SLE] scsi problem"
    Loading