Disable password complexity in ESXi 6.5

por | 21 mayo, 2019

After ESXi 6.5 setup is complete, password complexity requirements are enforced for users, esp. root. To change root password to a simple non-complex password by disabling password complexity requirements temporarily use following steps:

  1. SSH to host
  2. vi /etc/pam.d/passwd
  3. Comment first (requisite) and second (sufficient) lines
  4. Copy sufficient line and remove use_auth_ok. Leave this edited line uncommented
  5. Save and exit vim
  6. Change password using passwd command to desired simple (non-complex) password
  7. Again vi /etc/pam.d/passwd and make it same as before
cat /etc/pam.d/passwd

# Change only through host advanced option "Security.PasswordQualityControl".
#password   requisite    /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7
#password   sufficient   /lib/security/$ISA/pam_unix.so use_authtok nullok shadow sha512
password   sufficient   /lib/security/$ISA/pam_unix.so nullok shadow sha512
password   required     /lib/security/$ISA/pam_deny.so