# linux密码规则设置

#### 安装密码策略工具

```shell

cat /etc/os-release

rpm -qa|grep libpwquality

yum -y install libpwquality

```

#### 配置密码复杂度策略

```shell


vi /etc/security/pwquality.conf
cat  /etc/security/pwquality.conf

# 最小长度为8位
minlen = 8

# 至少包含1个数字
dcredit = -1

# 至少包含1个大写字母
ucredit = -1

# 至少包含1个小写字母
lcredit = -1


# 至少包含1个特殊符号
ocredit = -1

# 至少需要满足多少个条件（数字，大写，小写，特殊符号）
minclass = 4

# 禁止使用常见弱密码（如"123456"）
dictpath = /usr/share/cracklib/pw_dict


```

##### 一键运行脚本




```shell

sudo cp /etc/security/pwquality.conf{,.bak.$(date +%F-%T)} && \
sudo tee /etc/security/pwquality.conf >/dev/null <<'EOF'
# 最小长度为8位
minlen = 8

# 至少包含1个数字
dcredit = -1

# 至少包含1个大写字母
ucredit = -1

# 至少包含1个小写字母
lcredit = -1

# 至少包含1个特殊符号
ocredit = -1

# 至少需要满足多少个条件（数字，大写，小写，特殊符号）
minclass = 4
EOF


```

#### 验证是否起效

```

echo "123456" | pwscore
echo "12345678" | pwscore
echo "123456#Abc" | pwscore
echo "cZ2{sX" | pwscore
echo "oY0{dA5]" | pwscore

```

#### 查看所有用户

```shell

awk -F: '($7 !~ /nologin|false/) && ($2 !~ /^[*!]/ || $2 ~ /^\$/ ) {printf "%-12s UID:%-5s Shell:%s\n", $1, $3, $7}' /etc/passwd /etc/shadow

```