tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Changes to improve password strength testing

This commit is contained in:
mboelen 2015-10-21 22:58:52 +02:00
parent 69cbabfed2
commit 4cbeb31078
1 changed files with 19 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
plugins/plugin_pam_phase1
View File

@ -199,7 +199,7 @@
if [ "${MIN_PASSWORD_CLASS}" = "" ]; then MIN_PASSWORD_CLASS=0; fi
if [ "${MIN_PASSWORD_LENGTH}" = "" ]; then MIN_PASSWORD_LENGTH=6; fi
PAM_MODULE_PASSWORD_STRENGTH_TESTED=1
PAM_PASSWORD_STRENGTH_TESTED=1
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
Debug "Module options configured"
for I in ${PAM_MODULE_OPTIONS}; do
@ -214,39 +214,33 @@
DigitsOnly ${VALUE}
MIN_PASSWORD_LENGTH=${VALUE}
;;
# Digital characters
dccredit)
# Digits only
retry)
# Maximum password retry
logtext "Result: Max password Retry configured"
DigitsOnly ${VALUE}
if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi
MAX_PASSWORD_RETRY=${VALUE}
;;
# Lowercase characters
lccredit)
# Digits only
DigitsOnly ${VALUE}
if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi
minclass)
# Minimum number of class required out of upper, lower, digit and oters
logtext "Result: Min number of password class is configured"
MIN_PASSWORD_CLASS=${VALUE}
;;
dcredit)
CREDITS_D_PASSWORD=${VALUE}
;;
# Other characters
occredit)
# Digits only
DigitsOnly ${VALUE}
if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi
lcredit)
CREDITS_L_PASSWORD=${VALUE}
;;
# Uppercase characters
uccredit)
# Digits only
DigitsOnly ${VALUE}
if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi
ocredit)
CREDITS_O_PASSWORD=${VALUE}
;;
ucredit)
CREDITS_U_PASSWORD=${VALUE}
;;
*)
logtext "Result: unknown option found: ${OPTION} with value ${VALUE}"
;;
esac
if [ ${CREDITS_CONFIGURED} -eq 1 ]; then
logtext "Result: Credits are configured, password length minus 1"
MIN_PASSWORD_LENGTH=`expr ${MIN_PASSWORD_LENGTH} - 1`
fi
done
fi
;;