One of the most practical ways that we have at hand to protect all the information that we manage daily, regardless of the operating system used, are the passwords.
Recommendations to create a secure password:
To create a safe, stable and robust password, we must bear in mind the following conditions:
- Use numbers, symbols, uppercase and lowercase letters.
- Do not use essential dates, phone numbers, identification documents, etc.
- Set a large number of characters to make it almost impossible to be discovered.
Create a Secure Password in Ubuntu
For this case, we use Ubuntu 16.10.
In Linux we have some tools that give us the ability to automatically generate a secure password , this is why we often do not know which one to assign.
An example of this is if we use GPG or OpenSSL in the operating system, these tools will allow us to create a secure password.
In case of not having them, we can install them using the following commands:
sudo apt-get install gnupg2 sudo apt-get install openssl
If we create the password with GPG we will execute the following command:
gpg --gen-random --armor 1 32
If we want to use OpenSSL we will use the following command:
openssl rand -base64 32
Verify the Strength of a Password in Ubuntu
To verify this, we will install an application called cracklib which analyzes all aspects of the password and issues a result.
To install cracklib in Ubuntu or Debian we will use the following command:
sudo apt-get install libcrack2
For installation in Fedora, CentOS or RedHat we will use the following:
sudo yum install cracklib
Once the application is installed, we will use the cracklib-check parameter to check the status of the password.
For example, we will analyze a simple password to know. We see that it is too simple.
echo "1234abc" | cracklib-check
Now we can check a secure password using this same method or using the following command:
There we copy the password to validate and this will be the result.
If the result is OK it indicates that our password is safe, now, we must be careful and keep this password in one place in case, it is possible, we will forget it.
Manage passwords using Chage in Ubuntu
Chage is a command that gives us the possibility to manage all the parameters of user passwords in Linux.
The basic syntax for using chage is as follows:
chage [options] user chage -help (for more information)
How to Use Chage in Ubuntu
One way to know the status of an account is using the -l parameter, for example:
sudo chage –l root
The root account information will be displayed in Linux.
If we want to force a certain user to modify his password we can use the -M parameter, in this case we will use the following syntax:
chage -M # user days
We can see the change in the affected user's account:
If, on the contrary, we wish to establish a specific date for the expiration of an account, we will use the following syntax:
chage -E "AAAA-MM-DD" user
If we want an account to be blocked after a period of inactivity, as with many users, we will use the following:
chage -I 8 root
To establish the minimum number of days to change the password of a certain user, we will use the following:
chage -m (days) user
Finally, to issue a warning message to the user about the expiration of his password we can use the following:
chage -W 15 user
15 days before the expiry of the password, the user will be informed so that he/she can make the respective change.
Chage offers us multiple options for all password settings of users and in this way to have a more centralized control over these.