Explorar el Código

Enforce good passwords

Bob Mottram hace 10 años
padre
commit
67dd6aca56
Se han modificado 1 ficheros con 12 adiciones y 0 borrados
  1. 12
    0
      install-freedombone.sh

+ 12
- 0
install-freedombone.sh Ver fichero

@@ -317,6 +317,17 @@ function remove_default_user {
317 317
   fi
318 318
 }
319 319
 
320
+function enforce_good_passwords {
321
+  # because humans are generally bad at choosing passwords
322
+  if grep -Fxq "enforce_good_passwords" $COMPLETION_FILE; then
323
+      return
324
+  fi
325
+  apt-get -y --force-yes install libpam-cracklib
326
+
327
+  sed -i 's/password	requisite			pam_deny.so/password    requisite   pam_cracklib.so retry=2 dcredit=-4 ucredit=-1 ocredit=-1 lcredit=0 minlen=10 reject_username/g' /etc/pam.d/common-password
328
+  echo 'enforce_good_passwords' >> $COMPLETION_FILE
329
+}
330
+
320 331
 function change_login_message {
321 332
   if grep -Fxq "change_login_message" $COMPLETION_FILE; then
322 333
       return
@@ -3414,6 +3425,7 @@ change_debian_repos
3414 3425
 enable_backports
3415 3426
 configure_dns
3416 3427
 initial_setup
3428
+enforce_good_passwords
3417 3429
 install_editor
3418 3430
 change_login_message
3419 3431
 update_the_kernel