pwhistory.conf - Man Page

pam_pwhistory configuration file

Description

pwhistory.conf provides a way to configure the default settings for saving the last passwords for each user. This file is read by the pam_pwhistory module and is the preferred method over configuring pam_pwhistory directly.

The file has a very simple name = value format with possible comments starting with # character. The whitespace at the beginning of line, end of line, and around the = sign is ignored.

Options

debug

Turns on debugging via syslog(3).

enforce_for_root

If this option is set, the check is enforced for root, too.

remember=N

The last N passwords for each user are saved. The default is 10. Value of 0 makes the module to keep the existing contents of the opasswd file unchanged.

retry=N

Prompt user at most N times before returning with error. The default is 1.

file=/path/filename

Store password history in file /path/filename rather than the default location. The default location is /etc/security/opasswd.

Examples

/etc/security/pwhistory.conf file example:

debug
remember=5
file=/tmp/opasswd

Files

/etc/security/pwhistory.conf

the config file for custom options

See Also

pwhistory(8), pam_pwhistory(8), pam.conf(5), pam.d(5), pam(8)

Author

pam_pwhistory was written by Thorsten Kukuk. The support for pwhistory.conf was written by Iker Pedrosa.

Referenced By

pam_pwhistory(8).

07/22/2022 Linux-PAM Manual