Tuesday, February 17, 2015

Temporarily disabling password complexity on hardened CentOS 6.5


Navigate to etc/pam.d
(system-auth is symbolic link to system-auth-ac)

Rename original file:
"mv system-auth-ac system-auth-ac-backup"

Create a new file
"cp system-auth-ac-backup system-auth-ac"

Edit "system-auth-ac"
Look for line that starts with "password required pam_cracklib.so"
Change parameters "minlen=1", "dcredit=0", "ucredit=0", "ocredit=0", "lcredit=0"
Save the file (No reboot is required)
Change password with "passwd"

Revert original file:
"cp system-auth-ac-backup system-auth-ac"

Remove bash history
make sure you're in your "profile" directory
"rm .bash_history" - you will be prompted if you want to delete the file.

Patching CentOS 6.5 on VMware

Just a quick and dirty post for my future reference.

Sometimes, the OS gets confused. Especially if there are additional lines for VMXNET.
When you run "system-config-network", eth0 should show the VMware NIC type, for example "VMXNET3"

Otherwise;
1. Remove the unnecessary lines from /etc/udev/rules.d/70-persistent-net.rules
2. Make sure the MAC address matches matches the ESXi assigned
3. Restart the services "service network restart"
4. "yum clean all" (in case cache is pointing to dead update locations)
4. yum update

Location of network configuration file: (assumption for 1st network adapter)
/etc/sysconfig/network-scripts/ifcfg-eth0