Hi,
How to configure minimum passphrase (Not UNIX password) requirements on any UNIX box?
Passphrase - the one user enteres while generating pub/pvt keys using ssh-keygen.
Thanks!
Reddy
I assume you mean ssh-keygen -N newpassphrase or the passphrase that is asked for during keygen.. There is nothing in the docset on this. The reason is that the passphrase is optional. You can hit return twice (NULL passphrase) to off the passphrase completely.
Thank you jim for the reply.
I know its optional and need to be kept null for passwordless ssh. But our company security policies force IT team to set it. Now we need to set minimum requirements for this passphrase as 8 char length.
regards,
reddy
You cannot let users access the ssh-keygen image directly.
Put ssh-keygen in a special directory, then create a shell script with the same name in place of ssh-keygen that intercepts passpahrase changes and enforces the IT security ruleset. It then calls ssh-keygen correctly when needed.