The YaST Local Security Settings serve as the GUI front end for PAM. Go to Security and
Users in YaST and then to Local Security. On the first page, you can choose from three
default configurations: Home Workstation (a standalone personal or family computer not
connected to the Internet), Networked Workstation (for networked computers, either with
other machines on a local area network or with an Internet connection), or Network
Server (the highest level of security). Chances are you will want the Networked
Workstation option as a base. You can certainly leave things at that, but perhaps you
want to tweak the settings.
Table 19.1 shows the differences in settings between the three default configurations.
TABLE 19.1 YaST Default Security Settings
Setting Level 1 Home Level 2 Networked Level 3 Network
Workstation Workstation Server
Checking New Passwords N Y Y
Test for Complicated Password N N N
Password Encryption Method Blowfish Blowfish Blowfish
Minimum Acceptable 5 5 6
Password Length
Minimum Days to Password 0 1 1
Change Warning
Maximum Days to Password 99999 99999 99999
Change Warning
Days Before Password Expires Warning 7 14 14
Ctrl+Alt+Del Reboot Ignore Ignore
Shutdown Behavior All Users Only Root Only Root
Delay After Incorrect Login Attempt 1 6 3
Record Failed Logins Y Y Y
Record Successful Logins Y Y Y
Allow Remote Graphical Login N N N
User ID Limitations 1000??“60000 1000??“60000 1000??“60000
Group ID Limitations 1000??“60000 1000??“60000 1000??“60000
Setting of File Permissions Easy Easy Secure
User Launching UpdateDB Root Nobody Nobody
Current Dir in Root??™s Path Y N N
Current Dir in Path of Regular Users Y N N
Enable Magic SysRq Keys N N N
CHAPTER 19 Managing Users, Managing Security 412
To change any of these defaults, you must click Details.
Pages:
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831