Modification de la stratégie de sécurité de mot de passe
http://linux.die.net/man/8/pam_passwdqc
Commande VI (Editeur linux)
http://free-electrons.com/doc/vi_memento_fr.pdf
http://wiki.linux-france.org/wiki/Utilisation_de_vi
http://www.linux-france.org/prj/support/outils/vi.html
Activer SSH sur ESXI, Soit via la console local, Soit via le client vsphere
http://www.thomasmaurer.ch/2014/01/enable-ssh-on-vmware-esxi-5-5-via-vsphere-client/
Accès SSH avec putty
| ICI | : 192.168.10.4 |
| ID | : Root |
| PW | : Vide |
Commandes
Cd /etc/pam.d
Vi system-auth
login as: root
root@192.168.10.4's password: Vide
You have activated Tech Support Mode.
The time and date of this activation have been sent to the system logs.
VMware offers supported, powerful system administration tools.
Please see www.vmware.com/go/sysadmintools for details.
Tech Support Mode may be disabled by an administrative user.
Please consult the ESXi Configuration Guide for additional
important information.
~ # cd etc/pam.d
/etc/pam.d # ls -l (Permet de lister les fichiers du dossiers avec les attributs)
-r--r--r-- 1 root root 397 Jan 13 2011 dcui
-r--r--r-- 1 root root 156 Jan 13 2011 login
-r--r--r-- 1 root root 190 Jan 13 2011 openwsman
-r--r--r-- 1 root root 301 Jan 13 2011 other
-rw-r--r-- 1 root root 48 Jan 13 2011 passwd
-r--r--r-- 1 root root 198 Jan 13 2011 sfcb
-r--r--r-- 1 root root 159 Jan 13 2011 sshd
-rw-r--r-T 1 root root 561 Dec 3 10:12 system-auth
-rw-r--r-T 1 root root 429 Jan 13 2011 system-auth-generic
-r--r--r-- 1 root root 424 Jan 13 2011 system-auth-local
-rw-r--r-T 1 root root 574 Dec 3 10:10 system-authold
-rw-r--r-- 1 root root 1 Dec 3 09:59 toto
-r--r--r-- 1 root root 133 Jan 13 2011 vmware-authd
/etc/pam.d #
Si le fichier " system-auth" n'est pas en rw
Taper la commande : chmod +r system-auth
/etc/pam.d # vi system-auth (Permet l'edition du fichier system-auth)
#%PAM-1.0
auth required /lib/security/$ISA/pam_access.so
auth required /lib/security/$ISA/pam_per_user.so /etc/security/login.map
account required /lib/security/$ISA/pam_per_user.so /etc/security/login.map
session required /lib/security/$ISA/pam_per_user.so /etc/security/login.map
REMPLACER
password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=8,8,8,8,7
PAR
password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=6,6,6,6,6 enforce=none
password sufficient /lib/security/$ISA/pam_unix.so use_authtok nullok shadow md5
password required /lib/security/$ISA/pam_deny.so
Une fois modifié
Taper :wq! Puis entrer
Le fichier modifié sera sauvé et vous sortirez de VI
/etc/pam.d # passwd (Permet de changer le Mot de passe)
Changing password for root
You can now choose the new password or passphrase.
A good password should be a mix of upper and lower case letters,
digits, and other characters. You can use a 6 character long
password.
A passphrase should be of at least 3 words, 6 to 40 characters
long, and contain enough different characters.
Alternatively, if noone else can see your terminal now, you can
pick this as your password: "juvt*ongpu-frdhry".
Enter new password: toto
Weak password: based on personal login information.
Re-type new password: toto
passwd: password updated successfully
/etc/pam.d #
ICI Le mot de passe est changé en toto
Aucun commentaire:
Enregistrer un commentaire