ā12-11-2013 08:46 AM - edited ā07-04-2021 01:24 AM
Seting up 7.4.100 VM MSE via ./setup.sh and can not figure out how to turn off enforcement of strong passwords, like length and characeter class requirements for userid 'root'. Tried changing the audit parms and the minimun length is disabled, but no luck. any body got a suggestions?
Solved! Go to Solution.
ā12-11-2013 11:07 AM
Hi Bruce,
Did you try to change the root password, once you disabled the strong password & acceptable pw length checking disabled. I have done that first & then change the root password to Cisco123 as shown below.
Try it & see.
[root@msedev ~]# /opt/mse/setup/setup.sh
--------------------------------------------------------------
Welcome to the Cisco Mobility Services Engine appliance setup.
You may exit the setup at any time by typing
--------------------------------------------------------------
Would you like to configure MSE using menu options (yes/no): yes
--------------------------------------------------------------
Configure MSE:
1) Display current configuration 13) Audit rules
2) Hostname * 14) Login banner
3) Domain 15) System control restrictions
4) High availability role 16) SSH root access
5) Network interface eth0 settings * 17) Single user password check
6) Network interface eth1 settings 18) Root password *
7) DNS settings 19) Login and password settings
8) Timezone settings * 20) GRUB password
9) Future restart time 21) NCS communication username *
10) Remote syslog settings 22) NCS communication password *
11) Firewall settings 23) ## Verify and apply changes ##
12) NTP settings
Please enter your choice [1 - 23]: 19
Login and password strength related parameter setup
Maximum number of days a password may be used : 99999
Minimum number of days allowed between password changes : 0
Minimum acceptable password length : disabled
Login delay after failed login : 5
Checking for strong passwords is currently disabled.
These settings will not take effect until after setup completes.
Configure MSE:
1) Display current configuration 13) Audit rules
2) Hostname * 14) Login banner
3) Domain 15) System control restrictions
4) High availability role 16) SSH root access
5) Network interface eth0 settings * 17) Single user password check
6) Network interface eth1 settings 18) Root password *
7) DNS settings 19) Login and password settings
8) Timezone settings * 20) GRUB password
9) Future restart time 21) NCS communication username *
10) Remote syslog settings 22) NCS communication password *
11) Firewall settings 23) ## Verify and apply changes ##
12) NTP settings
Please enter your choice [1 - 23]:23
Please verify the following setup information.
-----------------------------BEGIN----------------------------
Password/Login parameters :
Password min length = 14
Password min days = 0
Password max days = 99999
Failed login delay = 5
Strong password checking = no
------------------------------END-----------------------------
You may enter "yes" to proceed with configuration, "no" to make
more changes.
Configuration Changed
Is the above information correct (yes or no): yes
--------------------------------------------------------------
Checking mandatory configuration information...
Mandatory parameters (Hostname, Network interface eth0,
Timezone, Root password, NCS username and NCS password)
have all been configured
--------------------------------------------------------------
Setup will now attempt to apply the configuration.
Setting password/login parameters....
Restarting network services with new settings.
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
***Configuration successful***
Restarting MSE framework service.
Stopping MSE Platform
.
MSE platform shutdown complete
Starting MSE Platform
.
.
[root@msedev ~]# /opt/mse/setup/setup.sh
Please enter your choice [1 - 23]: 18
Root password is currently configured
Configure root password? (Y)es/(S)kip/(U)se default [Skip]: yes
Changing password for user root.
You can now choose the new password.
A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use a 14 character long
password with characters from all of these classes. An upper
case letter that begins the password and a digit that ends it do
not count towards the number of character classes used.
Enter new password: Cisco123
Weak password: too short.
Re-type new password:Cisco123
passwd: all authentication tokens updated successfully.
Please enter your choice [1 - 23]: 23
Please verify the following setup information.
-----------------------------BEGIN----------------------------
Password/Login parameters :
Password min length = 14
Password min days = 0
Password max days = 99999
Failed login delay = 5
Strong password checking = no
Root password is changed.
------------------------------END-----------------------------
You may enter "yes" to proceed with configuration, "no" to make
more changes.
Configuration Changed
Is the above information correct (yes or no): yes
HTH
Rasika
**** Pls rate all useful responses ****
ā12-11-2013 11:07 AM
Hi Bruce,
Did you try to change the root password, once you disabled the strong password & acceptable pw length checking disabled. I have done that first & then change the root password to Cisco123 as shown below.
Try it & see.
[root@msedev ~]# /opt/mse/setup/setup.sh
--------------------------------------------------------------
Welcome to the Cisco Mobility Services Engine appliance setup.
You may exit the setup at any time by typing
--------------------------------------------------------------
Would you like to configure MSE using menu options (yes/no): yes
--------------------------------------------------------------
Configure MSE:
1) Display current configuration 13) Audit rules
2) Hostname * 14) Login banner
3) Domain 15) System control restrictions
4) High availability role 16) SSH root access
5) Network interface eth0 settings * 17) Single user password check
6) Network interface eth1 settings 18) Root password *
7) DNS settings 19) Login and password settings
8) Timezone settings * 20) GRUB password
9) Future restart time 21) NCS communication username *
10) Remote syslog settings 22) NCS communication password *
11) Firewall settings 23) ## Verify and apply changes ##
12) NTP settings
Please enter your choice [1 - 23]: 19
Login and password strength related parameter setup
Maximum number of days a password may be used : 99999
Minimum number of days allowed between password changes : 0
Minimum acceptable password length : disabled
Login delay after failed login : 5
Checking for strong passwords is currently disabled.
These settings will not take effect until after setup completes.
Configure MSE:
1) Display current configuration 13) Audit rules
2) Hostname * 14) Login banner
3) Domain 15) System control restrictions
4) High availability role 16) SSH root access
5) Network interface eth0 settings * 17) Single user password check
6) Network interface eth1 settings 18) Root password *
7) DNS settings 19) Login and password settings
8) Timezone settings * 20) GRUB password
9) Future restart time 21) NCS communication username *
10) Remote syslog settings 22) NCS communication password *
11) Firewall settings 23) ## Verify and apply changes ##
12) NTP settings
Please enter your choice [1 - 23]:23
Please verify the following setup information.
-----------------------------BEGIN----------------------------
Password/Login parameters :
Password min length = 14
Password min days = 0
Password max days = 99999
Failed login delay = 5
Strong password checking = no
------------------------------END-----------------------------
You may enter "yes" to proceed with configuration, "no" to make
more changes.
Configuration Changed
Is the above information correct (yes or no): yes
--------------------------------------------------------------
Checking mandatory configuration information...
Mandatory parameters (Hostname, Network interface eth0,
Timezone, Root password, NCS username and NCS password)
have all been configured
--------------------------------------------------------------
Setup will now attempt to apply the configuration.
Setting password/login parameters....
Restarting network services with new settings.
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
***Configuration successful***
Restarting MSE framework service.
Stopping MSE Platform
.
MSE platform shutdown complete
Starting MSE Platform
.
.
[root@msedev ~]# /opt/mse/setup/setup.sh
Please enter your choice [1 - 23]: 18
Root password is currently configured
Configure root password? (Y)es/(S)kip/(U)se default [Skip]: yes
Changing password for user root.
You can now choose the new password.
A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use a 14 character long
password with characters from all of these classes. An upper
case letter that begins the password and a digit that ends it do
not count towards the number of character classes used.
Enter new password: Cisco123
Weak password: too short.
Re-type new password:Cisco123
passwd: all authentication tokens updated successfully.
Please enter your choice [1 - 23]: 23
Please verify the following setup information.
-----------------------------BEGIN----------------------------
Password/Login parameters :
Password min length = 14
Password min days = 0
Password max days = 99999
Failed login delay = 5
Strong password checking = no
Root password is changed.
------------------------------END-----------------------------
You may enter "yes" to proceed with configuration, "no" to make
more changes.
Configuration Changed
Is the above information correct (yes or no): yes
HTH
Rasika
**** Pls rate all useful responses ****
ā12-12-2013 07:19 AM
I assumed the "weak password" message indicated it wasn't taken. Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide