Archive for the tag 'Enterprise'

Password Aging under Red Hat Enterprise Linux

Password aging is another technique used by system administrators to defend against bad passwords within an organization. Password aging means that after a specified period (usually 90 days), the user is prompted to create a new password. The theory behind this is that if a user is forced to change his password periodically, a cracked password is only useful to an intruder for a limited amount of time. The downside to password aging, however, is that users are more likely to write their passwords down.

There are two primary programs used to specify password aging under Red Hat Enterprise Linux: the chage command or the graphical User Manager (system-config-users) application. The -M option of the chage command specifies the maximum number of days the password is valid. For example, to set a user’s password to expire in 90 days, use the following command:

chage -M 90 [username]

In the above command, replace with the name of the user. To disable password expiration, it is traditional to use a value of 99999 after the -M option (this equates to a little over 273 years). You can also use the chage command in interactive mode to modify multiple password aging and account details. Use the following command to enter interactive mode:

chage [username]

The following is a sample interactive session using this command:

[root@buddy ~]# chage buddy

sysreport and sosreport in Red Hat Enterprise Linux

Before Red Hat Enterprise Linux 4.5, we had “sysreport”. The “sosreport” command is a tool that collects information about a Red Hat Enterprise Linux system, such as what kernel is running, what drivers are loaded, and various configuration files for common services. It also does some simple diagnostics against known problematic patterns.

To run “sosreport”, the “sos” package must be installed. The package should be installed by default, bu if the package is not installed, follow the steps below:

Red Hat Enterprise Linux 4

If the system is registered with Red Hat Network (RHN), “sos” can be installed using the up2date command:

# up2date sos

Red Hat Enterprise Linux 5 and later

If the system is registered with RHN, use the yum command:

# yum install sos

sosreport” will generate a compressed a bz2 file under /tmp.

« Prev