VCSA and ESXi password security

vcsa password security

I recently went looking for information on password security for the VCSA 6.0 & 6.5 and ESXi 6.0 & 6.5. Most specifically, I was interest in the number of passwords remembered, so I could define that in documentation for a client.

Try as I might, I couldn’t find documentation for VCSA number of passwords remembered or how to configure it anywhere!

There’s no real difference between ESXi 6.0 and 6.5, but there is a big difference between VCSA 6.0 and 6.5, here it is:

The number of passwords remembered for VCSA 6 is five

VCSA 6.0 remembers 5 passwords by default. The file you are looking for to define the number of passwords remembered is: /etc/pam.d/common-passwd

The number of passwords remembered for VCSA 6.5 is zero

Apparently, VMware has gotten on-board with new Digital Identity Guidelines by the NIST, as the number of passwords remembered for VCSA 6.5 is 0. The file determining such things in VCSA 6.5 is: /etc/pam.d/passwd

The number of passwords remembered for ESXi 6.5 is zero

The file determining such things in ESXi 6.0 and 6.5 is: /etc/pam.d/passwd.

John Borhek

John Borhek (VCP 3-6) is the IT Director and Lead Solutions Architect at VMsources Group Inc. and an active consultant specializing in VMware vSphere, Linux, Networking and Infrastructure Design.

Leave a Reply

Your email address will not be published. Required fields are marked *