And now it throws out a better error message for both root and regular users when they fail changing their passwords:
ROOT:
root@ehud:/etc/pam.d# passwd
Enter new UNIX password:
Retype new UNIX password:
Sorry, passwords do not match
passwd: Authentication information cannot be recovered
passwd: password unchanged
root@ehud:/etc/pam.d#
USERX:
userX@ehud:/$ passwd
Changing password for userX.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
Sorry, passwords do not match
passwd: Authentication information cannot be recovered
passwd: password unchanged
userX@ehud:/$
That seems to have fixed it. I changed that entry in /etc/pam. d/common- password like this:
#password [success=1 default=ignore] pam_unix.so obscure sha512
password required pam_unix.so obscure sha512
And now it throws out a better error message for both root and regular users when they fail changing their passwords:
ROOT: /etc/pam. d# passwd /etc/pam. d#
root@ehud:
Enter new UNIX password:
Retype new UNIX password:
Sorry, passwords do not match
passwd: Authentication information cannot be recovered
passwd: password unchanged
root@ehud:
USERX:
userX@ehud:/$ passwd
Changing password for userX.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
Sorry, passwords do not match
passwd: Authentication information cannot be recovered
passwd: password unchanged
userX@ehud:/$