Set password length to meet VA scan requirements

2019-05-31 10:21:14 +01:00
parent a6f307c6b5
commit 81c0b70a6f
2 changed files with 2 additions and 1 deletions
--- a/install-mq.sh
+++ b/install-mq.sh
@@ -90,6 +90,8 @@ ln -s /mnt/mqm/data /var/mqm
 # Optional: Ensure any passwords expire in a timely manner
 sed -i 's/PASS_MAX_DAYS\t99999/PASS_MAX_DAYS\t90/' /etc/login.defs
 sed -i 's/PASS_MIN_DAYS\t0/PASS_MIN_DAYS\t1/' /etc/login.defs
+sed -i 's/PASS_MIN_LEN\t5/PASS_MIN_LEN\t8/' /etc/login.defs
+sed -i 's/# minlen = 9/minlen = 8/' /etc/security/pwquality.conf

 $UBUNTU && PAM_FILE=/etc/pam.d/common-password
 $RPM && PAM_FILE=/etc/pam.d/password-auth