We have a 8 character minimum password requirement for SUSE. Our servers have been configured in at least two different ways to meet this requirement. In one case we use the Qualys control 6379
to check. In the other we had to create a custom control CID:100491.
I’ve copied the expected values below. Is there any way we can combine these two
checks into one control?
CID 6379: The following Integer value X indicates the
current minlen setting within the /etc/pam.d/system-auth file.
* * * * * Expected Value(s) * * * * *
greater than or equal to
OR, any of the selected values below:
[ ] Setting not found
[ ] File not found
CID: 100491 Custom control
File path: /etc/pam.d/common-password-pc
(password *requisite *pam_pwcheck.so *nullok cracklib
*minlen=16|password *requisite *pam_pwcheck.so *nullok cracklib *minlen=8)