Linux password security

December 13th, 2009

We all know that Linux server hacks most commonly occur via weak passwords on the system. Logging in to a server with a legitimate username and password is the oldest and by far the most successful method of gaining access to Unix systems.

Preventing this is simple: require your users to choose passwords that aren’t easily guessable. I came across a nice tool called pwgen. Follow the steps below to download it and generate stronger passwords:

$ wget http://cdnetworks-us-2.dl.sourceforge.net/project/pwgen/pwgen/2.06/pwgen-2.06.tar.gz
$ tar xvf pwgen-2.06.tar.gz
$ cd pwgen-2.06
$ ./configure && make && sudo make install

You’re done with the install. Now to generate a set of passwords, type:

$ pwgen
Ahph1che ya2aeMuc ahtho1Ta wahPh5pa Eemu6ooX ohJuo1ah Koovoi5n aeXoh6ie
Ohzee0fu einie8Um fahNg5sh eWae8jar AhFaif6I AaNgaL8g iCeiv9si yae7ahLi
Ko7Ao7mu uQue4Moh uth1chiX ahfaix5A Choo2ahN poP5iu3p ooGhei8e xo3ohWah
ohHaej9O zeire0Aa wiuThij6 ier0vaeL eiVoo3ia Tij6Eez0 aish0Mom Aeca6AeH
.......

Here is the full set of options (an invalid option such as -z makes pwgen print its usage message):

$ pwgen -z
pwgen: invalid option -- z
Usage: pwgen [ OPTIONS ] [ pw_length ] [ num_pw ]

Options supported by pwgen:
  -c or --capitalize
        Include at least one capital letter in the password
  -A or --no-capitalize
        Don't include capital letters in the password
  -n or --numerals
        Include at least one number in the password
  -0 or --no-numerals
        Don't include numbers in the password
  -y or --symbols
        Include at least one special symbol in the password
  -s or --secure
        Generate completely random passwords
  -B or --ambiguous
        Don't include ambiguous characters in the password
  -h or --help
        Print a help message
  -H or --sha1=path/to/file[#seed]
        Use sha1 hash of given file as a (not so) random generator
  -C
        Print the generated passwords in columns
  -1
        Don't print the generated passwords in columns
  -v or --no-vowels
        Do not use any vowels so as to avoid accidental nasty words

Using this tool, you can direct your users to choose a password from the generated list, or write a custom script that uses pwgen to produce passwords for them.
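
One way to write the custom script mentioned above, as an added example that is not from the original post: it prints user:password lines in the format chpasswd reads, using pwgen -s so the passwords are completely random rather than pronounceable. The account names, the PW_LENGTH value, the users.txt file name and the /dev/urandom fallback for hosts without pwgen are assumptions of this example.

```shell
#!/bin/sh
# Added example: print "user:password" lines, the input format chpasswd reads.

PW_LENGTH=16   # assumed length; adjust to your policy

# Print one random password of PW_LENGTH characters.
# -s: completely random, -B: no ambiguous characters (both listed above).
# The /dev/urandom branch is an assumption so this runs without pwgen; it
# keeps only letters and digits that are hard to confuse (no 0/O, 1/l/I).
gen_password() {
    if command -v pwgen >/dev/null 2>&1; then
        pwgen -s -B "$PW_LENGTH" 1
    else
        head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'A-HJ-NP-Za-km-z2-9' |
            cut -c1-"$PW_LENGTH"
    fi
}

# Read account names on stdin, one per line, and print "name:password".
# Blank lines and #-comments are skipped; names with unexpected characters
# are rejected so a stray ":" or space cannot corrupt the output.
make_chpasswd_lines() {
    while IFS= read -r user; do
        case "$user" in
            ''|'#'*) continue ;;
            *[!A-Za-z0-9._-]*) echo "skipping invalid name: $user" >&2
                               continue ;;
        esac
        printf '%s:%s\n' "$user" "$(gen_password)"
    done
}

# Typical use as root (not executed here; users.txt is a hypothetical file):
#   umask 077
#   make_chpasswd_lines < users.txt > new-passwords.txt
#   chpasswd < new-passwords.txt
#   cut -d: -f1 new-passwords.txt | xargs -n1 chage -d 0   # expire: user must change at first login

# Demo with constructed account names.
printf 'alice\nbob\n' | make_chpasswd_lines
```

Remove new-passwords.txt once the passwords have been handed out, since it holds them in clear text.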
