Verifying Password Management, Session Timeout, and Account Lockout Settings in Proxmox VE

Taro123

New Member
Aug 13, 2024
2
0
1
Hello,

I'm currently conducting a security review of our Proxmox VE environment and need some assistance in verifying various security-related settings. I have looked through the Proxmox VE Administration Guide but couldn't find the specific information I'm looking for—though this might be due to my own lack of expertise. Could you please guide me on the appropriate commands or procedures for checking the following configurations?

1. Password Minimum Length: How can I confirm that the system enforces a minimum password length of at least 8 characters? What steps should I take if the current setting allows shorter passwords?

2. Password Complexity Requirements: Which command should I use to verify that the system requires passwords to include a combination of numbers, letters, and special characters? If the system allows simpler passwords, how can I ensure that the existing passwords meet these complexity requirements?

3. Password Reuse Restriction: How can I check that the system prevents password reuse for at least the past four generations?

4. Account Lockout after Failed Attempts: Which command or configuration file should I check to ensure that the system restricts account access after six consecutive failed login attempts?

5. Session Timeout: What is the recommended way to verify that session timeouts are configured appropriately in Proxmox VE?

Any advice or pointers to relevant sections in the Proxmox VE Administration Guide would be greatly appreciated.

Thank you!
 
Last edited:
There is a reason why you don't see that in the admin guide. Most of it is not possible directly on Proxmox VE.

For points 1-4:

You could probably achieve this if you use an external service to sync users against. For example, LDAP or likely even better: OIDC where the OIDC service is actively part of the login process.

5. Session Timeout: What is the recommended way to verify that session timeouts are configured appropriately in Proxmox VE?
See and chime in there if you need this. The more interest we see, the more likely it is that we spend time on it https://bugzilla.proxmox.com/show_bug.cgi?id=1310
 
Last edited:
Please ignore threads to which you have no constructive contribution :)
We like a civil tone in the forum, and no answer is better than a condescending one.
 
  • Like
Reactions: Neobin
That was not the original post of taro123. It was changed after my post. See last edit! The first Version was about firewall and network.
 
Last edited:
That was not the original post of taro123. It was changed after my post. See last edit! The first Version was about firewall and network.
True, but that doesn't make RFM (Read (the) Fucking Manual?) a more helpful response to work with in my opinion :)

At least some pointers where in the documentation one might find the information would be a lot more helpful already.
 
  • Like
Reactions: Neobin

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!