Shulou(Shulou.com)06/03 Report--

1. If you modify it graphically with Xmanager

1. > smit chuser

2. Enter the user name you want to modify

3. Find the parameter Password MAX.AGE (Num.) The value can be changed to 0.

Maxage parameter meaning: the number of weeks in which the password is valid, indicating the longest time between two password changes, during which time the user must change the password. The attribute is just a positive integer in the range of 0 to 52. When 0 indicates that there is no maximum time limit

Second, if it is a command line modification 1, # smit chuser

2. Enter the user name, and then enter enter

3. Find the "maximum password life [12]", change 12 to 0, and then enter, that is, the execution is successful.

Password MAX.AGE (Num.) The value is changed to 0

Several important password policies

Password MAX. AGE: unit is week, revision period

Password MIN. AGE: unit is week. If it is 1, password change is not allowed within one week (unless this policy is changed)

Password MIN. LENGTH: defines the minimum length of the password

Password MIN. ALPHA characters: defines the number of characters in a password Password MIN. OTHER characters: defines the number of non-characters in a password

Password MAX. REPEATED characters: defines the maximum number of repetitions of letters in a password Password MIN. DIFFERENT characters: the minimum number of repetitions of two passwords Days to WARN USER before password expires: password expiration reminder period

The general parameters for storing users in aix / etc/security/user are as follows

1.account_locked defines whether the account is locked.locked accounts can not be used for login.

Possible values:true or false. Define whether the account is locked and the locked account cannot be logged in. Can be set to true or false

2.admin defines the administrative status of the user. Possible values:true or false. Define the administrative status of the user, which can be set to true or false

3.admgroups lists the groups that the user administrates. List user groups

4.auth2 defines the main authentication methods for users, which are switched through command line login, telnet, remote login and su.

Possible values (1) system General Certification (2) none does not authenticate (3) the name defined by token username in / etc/security/login.cfg

5.daemon defines whether a user can execute system resource controller (src) system resource controller. Possible value: true or false

6.default_role defines the default role of the user

7.dictionlist defines a user password dictionary when a new password is detected. Example: / usr/share/dict/words 8.expires defines the expiration time of a user account. 0 means that it does not expire.

9.histexpires defines how long a user's password can be reused, that is, the number of weeks the user cannot reuse the password (that is, the interval set to the same password). 0 means there is no limit.

10.histsize defines that the new password cannot be the same as the previous ones, with a value of 0-50

Whether 11.login users can log in locally, and the time period during which true or false 12.logintimes users log in

How many times the account has been locked out with the wrong 13.loginretries password. 0 means no limit.

The available time of the 14.maxage password is in weeks. 0 means no limit.

How long after the 15.maxexpired password exceeds maxage, the user may expire?

The number of repeated characters in the 16.maxrepeats password

Minimum time for 17.minage to change password

At least the number of letters contained in the 18.minalpha password

The minimum number of characters required for a new 19.mindiff password is different from that for a simple password.

Minimum length of 20.minlen password

At least the number of special characters in the 21.minother password

Whether 22.rlogin allows remote login, true or false

Does 23.su allow you to switch to this account using su?

Umask of the 24.umask default user

Prompt to change the 25.pwdwarntime password before it expires. Example:

Account_locked = true lock account

Admin = false system administrator

Dictionlist = / usr/share/dict/words data dictionary file

Histexpire = 0 password reuse period (0 weeks, indicates unlimited) histsize = 1 cannot use the last used password login = false disables local login

Loginretries = 3 password retry 3 times and lock up

Maxage = 12 password useful life (12 weeks)

Maxexpired = 2 must change the password maxrepeats = 0 within 2 weeks after reaching the useful life cycle to allow characters to be repeated in the password

Minage = 0 password must not be changed (0 weeks, indicates unlimited) minalpha = 6 passwords must contain 6 letters

Mindiff = 2 password has at least 2 characters different from the old password minlen = 8 password must not be less than 8 characters

The minother = 2 password must contain 2 non-alphabetic characters

Pwdwarntime = 10 prompt to change the password rlogin = true to allow remote login 10 days before the end of the life cycle

Su = true allows other users to switch to this user umask = 027 default file permissions are 750

Sugroups = system allows users of the "system" group to switch

Root: define "root" user configuration

Admin = true system administrator

Login = true allows local login

Rlogin = false prohibits remote login

Account_locked = false enable account

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.