Account and Access Control

authselect enable-feature with-pwhistory

authselect enable-feature with-pwhistory

password requisite pam_cracklib.so try_first_pass retry=3

password required pam_cracklib.so try_first_pass retry=3 maxrepeat=3 minlen=14 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1 difok=4

password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=

difok = 4
minlen = 14
dcredit = -1
ucredit = -1
lcredit = -1
ocredit = -1
maxrepeat = 3

password    sufficient    pam_unix.so sha512 other arguments...

INACTIVE=

$ sudo getent passwd | awk -F: '{ print $1}' | uniq -d

PASS_MAX_DAYS 

PASS_MIN_LEN 

$ sudo chage -M  USER

PASS_WARN_AGE 

$ sudo awk -F: '!$2 {print $1}' /etc/shadow

$ sudo passwd [username]

$ sudo passwd -l [username]

$ sudo echo > /etc/securetty

$ sudo usermod -s /sbin/nologin account

ttyS0
ttyS1

vc/1
vc/2
vc/3
vc/4