ESXi
Password:
With VMware ESXi 6, password policy require to use
more complex passwords. ESXi enforces
password requirements for direct access from the DCUI, ESXi Shell, SSH, or the vSphere web Client.
In previous versions of ESXi, password complexity changes had to be made by editing the /etc/pam.d/passwd file on each ESXi host.
In vSphere 6.0 now this can be done by adding an entry in Host Advanced System Settings, enabling centrally managed setting changes for all hosts in a cluster.
In previous versions of ESXi, password complexity changes had to be made by editing the /etc/pam.d/passwd file on each ESXi host.
In vSphere 6.0 now this can be done by adding an entry in Host Advanced System Settings, enabling centrally managed setting changes for all hosts in a cluster.
The password policy in ESXi 6 has following requirements:
- Passwords must contain characters from at least three character classes.
- Passwords containing characters from three character classes must be at least seven characters long.
- Passwords containing characters from all four character classes must be at least seven characters long.
- An uppercase character that begins a password does not count toward the number of character classes used.
- A number that ends a password does not count toward the number of character classes used.
- The password cannot contain a dictionary word or part of a dictionary word.
The default configuration ESXi 6 is
"ESXi 6: retry=3 min=disabled,disabled,disabled,7,7"
whereas in ESXi 5.5 it was
"ESXi 5: retry=3 min=8,8,8,7,6"
It means that passwords with one or two character classes and pass phases are not allowed, as indicated by the first three disabled items.
Passwords from three and four character classes require seven characters.
ESXi Pass Phrase:
"ESXi 6: retry=3 min=disabled,disabled,disabled,7,7"
whereas in ESXi 5.5 it was
"ESXi 5: retry=3 min=8,8,8,7,6"
It means that passwords with one or two character classes and pass phases are not allowed, as indicated by the first three disabled items.
Passwords from three and four character classes require seven characters.
ESXi Pass Phrase:
We can
also use a pass phrase for ESXi host instead of passwords, however, pass phrases are disabled by default.
We can
change this default settings, by using the
Security.PasswordQualityControl
advanced option for your
ESXi host from
the
vSphere Web
Client.
A passphrase requires at least 3 words, can be 8 to 40 characters long, and must contain enough different characters.
A passphrase requires at least 3 words, can be 8 to 40 characters long, and must contain enough different characters.
is there a limitation of which special characters can be used?
ReplyDelete