ÔõÑùÈ·±£LinuxÓû§ÃÜÂëÎļþµÄÇå¾²ÐÔ

LinuxϵͳÊÇÒ»ÖÖÆÕ±éʹÓõIJÙ×÷ϵͳ£¬Òò´Ë±£»¤ÏµÍ³ÖÐÓû§ÃÜÂëÎļþµÄÇå¾²ÐÔÖÁ¹ØÖ÷Òª¡£Óû§ÃÜÂëÎļþ´æ´¢ÁËÓû§µÄÕË»§ÐÅÏ¢ºÍ¼ÓÃܺóµÄÃÜÂë£¬ÈôÊÇδ¾­Êʵ±±£»¤£¬¿ÉÄÜ»áÔâÊܺڿ͹¥»÷»òÐÅϢ鶵ÄΣº¦¡£±¾ÎĽ«ÏÈÈÝһЩȷ±£LinuxÓû§ÃÜÂëÎļþÇå¾²ÐÔµÄÒªÁì£¬²¢¸ø³öÏêϸµÄ´úÂëʾÀý¡£

ʹÓúÏÊʵÄȨÏÞÉèÖÃ

chmod ÏÂÁî¿ÉÒÔÓÃÀ´ÉèÖÃÎļþ»òĿ¼µÄȨÏÞ¡£È·±£ÃÜÂëÎļþÖ»ÓÐrootÓû§²Å»ª¶ÁÈ¡ºÍдÈë£¬ÆäËûÓû§Ã»ÓÐȨÏÞ»á¼ûÊǺÜÊÇÖ÷ÒªµÄ¡£ÒÔÏÂÊÇÉèÖÃÃÜÂëÎļþȨÏÞµÄʾÀý´úÂ룺

sudo chown root:root /etc/passwd
sudo chmod 600 /etc/passwd

µÇ¼ºó¸´ÖÆ

ʹÓÃÃÜÂë¹þÏ£Ëã·¨

LinuxϵͳʹÓÃÃÜÂë¹þÏ£Ëã·¨À´´æ´¢Óû§ÃÜÂë£¬Ò»Ñùƽ³£Ê¹ÓõÄÊÇSHA-256»òÕßMD5¡£ÕâЩËã·¨¿ÉÒÔÈ·±£ÃÜÂëÔÚ´æ´¢Àú³ÌÖв»¿ÉÄæ£¬´Ó¶øÌá¸ßÃÜÂëµÄÇå¾²ÐÔ¡£ÒÔÏÂÊÇÒ»¸ö¼òÆÓµÄʾÀý´úÂ룺

mkpasswd -m sha-512

µÇ¼ºó¸´ÖÆ

°´ÆÚ¸ü¸ÄÃÜÂë

°´ÆÚ¸ü¸ÄÓû§ÃÜÂëÊÇÒ»¸öÓÐÓõÄÇå¾²²½·¥¡
£¿ÉÒÔͨ¹ýÉèÖÃÃÜÂëÓâÆÚʱ¼äÀ´Ç¿ÖÆÓû§ÔÚÒ»¶¨ÖÜÆÚÄÚ¸ü¸ÄÃÜÂë¡£ÒÔÏÂÊÇÉèÖÃÃÜÂëÓâÆÚʱ¼äµÄʾÀý´úÂ룺

chage -d 0 username

µÇ¼ºó¸´ÖÆ

ʹÓÃÃÜÂëÕ½ÂÔ

ÉèÖÃÃÜÂëÕ½ÂÔ¿ÉÒÔÒªÇóÓû§ÔÚ½¨Éè»ò¸ü¸ÄÃÜÂëʱ×ñÊØÒ»¶¨µÄ¹æÔò£¬ÈçÃÜÂ볤¶È¡¢ÖØƯºó¡¢ÓÐÓÃÆڵȡ
£¿ÉÒÔʹÓÃPAM£¨Pluggable Authentication Modules£©Ä
£¿éÀ´ÉèÖÃÃÜÂëÕ½ÂÔ¡£ÒÔÏÂÊÇÒ»¸öʾÀý´úÂ룺

sudo apt-get install libpam-pwquality

µÇ¼ºó¸´ÖÆ

ÆôÓÃÃÜÂëÖØƯºó¼ì²é

¿ªÆôÃÜÂëÖØƯºó¼ì²é¿ÉÒÔ±ÜÃâÓû§ÉèÖùýÓÚ¼òÆÓµÄÃÜÂë£¬´Ó¶øÌá¸ßÃÜÂëµÄÇå¾²ÐÔ¡£ÔÚ/etc/pam.d/common-passwordÎļþÖÐÌí¼ÓÒÔÏÂÐУº

password requisite pam_pwquality.so retry=3

µÇ¼ºó¸´ÖÆ

×ܽá

ÒÔÉÏÊÇһЩȷ±£LinuxÓû§ÃÜÂëÎļþÇå¾²ÐÔµÄÒªÁì£¬Í¨¹ý׼ȷÉèÖÃȨÏÞ¡¢Ê¹ÓÃÃÜÂë¹þÏ£Ëã·¨¡¢°´ÆÚ¸ü¸ÄÃÜÂ롢ʹÓÃÃÜÂëÕ½ÂÔºÍÃÜÂëÖØƯºó¼ì²éµÈ²½·¥£¬¿ÉÒÔÓÐÓñ£»¤Óû§ÃÜÂëÎļþ²»±»¹¥»÷»òй¶¡£ÔÚÏÖʵӦÓÃÖÐ£¬»¹Ó¦¸Ãƾ֤ÐèÇóºÍÇéÐÎÎÞаÉèÖÃ£¬±£»¤ÏµÍ³µÄÇå¾²¡£

(end ofÎÄ)

ÒÔÉϾÍÊÇÔõÑùÈ·±£LinuxÓû§ÃÜÂëÎļþµÄÇå¾²ÐÔµÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡