Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ Linux environment password security settings     - Android custom slideshow menu slidmenu (Programming)

- Using a proxy method under Linux terminal (Linux)

- How to display a dialog Bash Shell script (Programming)

- Linux beginners to develop the seven habits (Linux)

- Use ldap implement Windows Remote Desktop Ubuntu Linux (Linux)

- Oracle and MySQL difference between the jdbc (Database)

- MyEclipse configuration necessary (Linux)

- Steps to build MPICH2 development environment on CentOS 6.4 (Linux)

- Linux POST fstab configuration file read-only variable can not be modified problem (Linux)

- shell script: the number of characters in the text to print no more than 6 words (Programming)

- CentOS7 installation hardware monitoring for Zabbix enterprise applications (Server)

- Summary Linux bond of multi-interface load balancing (Linux)

- MySQL and MariaDB new master from the cluster configuration GTID (Database)

- Java Learning: elegant string (Programming)

- How VirtualBox and VMware virtual machine conversion (Linux)

- Ubuntu install driver manager Mint Driver Manager and Device Driver Manager (Linux)

- Linux Fundamentals of the text, data flow processing orders (Linux)

- Oracle physical storage structure outline (Database)

- Nginx log cutting and MySQL script regular backup script (Server)

- Installation JDK 1.8 under CentOS7 (Linux)

  Linux environment password security settings
  Add Date : 2018-11-21      
  The password can be said to be the first line of defense Linux system, most of the current attacks on the system from the Internet are beginning to intercept passwords or password guessing, so we should choose a more secure password.

You must first eliminate the Linux environment does not account passwords exist. This can be by looking at the / etc / passwd file found. For example, a user account named test exists, there is no password is set in the / etc / passwd file, there is the following line:
test :: 100: 9 :: / home / test: / bin / bash

Its second is empty, indicating that the test account password is not set, it is very dangerous! Such accounts should be deleted or set a password.
Secondly, in the old version of linux, in the / etc / passwd file that contains the encrypted password, which gives the system security is a big risk, the easiest way is that you can use brute force method to get a password. You can use the command / usr / sbin / pwconv or / usr / sbin / grpconv to create / etc / shadow or / etc / gshadow file, so in / etc / passwd file no longer contains the encrypted password, but on the / etc / shadow file, the file is read only the super user root!

The third point is to modify some system accounts Shell variables such as uucp, ftp and news, etc., and some just need FTP account features, be sure not to set the / bin / bash or / bin / sh Shell and other variables to them. In / etc / passwd in their Shell variable blanking, for example set to / bin / false or / dev / null, etc., can also be used usermod -s / dev / null username command to change the username of Shell to / dev / null. Thus the use of these accounts will not be able to Telnet remote login to the system!

The fourth point is to modify the default password length: When you install linux default password length is 5 bytes. But this is not enough to have it set to 8. Modify the minimum password length login.defs need to edit the file (vi / etc / login.defs), the following line
login.defs file is the login program's configuration file.
- Oracle 11g Export guide problem not an empty table (Database)
- When Vim create Python scripts, vim autocomplete interpreter and encoding method (Programming)
- MariaDB 10.1 and MySQL 5.7 in general performance on commodity hardware (Database)
- Command line tool Tmux (Linux)
- MySQL master-slave delay problem (Database)
- Linux fixes fatal error: x264.h: No such file or directo (Linux)
- Unix / Linux commonly used to clean up disk space command (Linux)
- How to release the cache memory on Linux (Linux)
- Enterprise Hadoop cluster architecture - Hadoop installation (Server)
- RHEL7.0 log system (Linux)
- To assign multiple IP addresses NIC on the CentOS 7 (Linux)
- Use Python automatically cleared Android Engineering excess resources (Programming)
- SHELL script to use anti SSH brute force and vsftpd (Linux)
- Varnish configuration language VCL and its built-in variables (Server)
- RedHat Linux 6.4 install Oracle 10g error (Database)
- Help you to see Linux system architecture type 5 Common Commands (Linux)
- iSCSI + multipath achieve DM multipath storage (Server)
- SQL Server memory Misunderstanding (Database)
- CentOS 6.4 Telecom ADSL dial-up network configuration (Linux)
- Oracle 11g on Linux system boot from the startup settings (Database)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.