Password Length
jfewebs
2003-07-10 22:06:42 UTC
Does anyone know how to reset the password minimum length in RedHat 8.0
from 6 to 5?
WLauman
2003-07-11 01:28:01 UTC
Not sure if it's what you're after, but
look in /etc/login.defs
Wayne
Post by jfewebs
Does anyone know how to reset the password minimum length in RedHat 8.0
from 6 to 5?
Bj
2003-07-11 03:44:24 UTC
I tried that already, but it doesn't seem to change anything. I'm
wondering if PAM rules are keeping it at the default?

- Jack -
Post by WLauman
Not sure if it's what you're after, but
look in /etc/login.defs
Wayne
Post by jfewebs
Does anyone know how to reset the password minimum length in RedHat 8.0
from 6 to 5?
lfree
2003-07-11 07:15:46 UTC
modify /etc/login.def
Post by jfewebs
Does anyone know how to reset the password minimum length in RedHat 8.0
from 6 to 5?
Wayne Pollock
2003-07-11 15:59:41 UTC
The login.defs file only controls defaults for new accounts
created via useradd. To set the minimum length of passwords
in RedHat you must update the security policies set with PAM.
I only have RH 7 but I'm sure it works the same in new RH too.

The file you must update is /etc/pam.d/system-auth. Look for
a line like:

password required /lib/security/pam_cracklib.so retry=3 type=

and add "minlen=#" where "#" is the minimum length you want. Note
this is tricky since the default value is 9, not 6! Cracklib
computes the length by giving "credit" for each different type
of character used in the password: uppercase, lowercase, digit,
and other. So if you use all lowercase letters the default setting
requires 8 characters. If you mix upper and lower case letters,
you can use 7 characters. Mix in a digit or two and 6 is the minimum.
Add a space or "!" or some symbol as well, and the default setting
will allow passwords of 5 characters (say "!X1g%").

(The amount of credit per type of character, and other password
parameters can all be tweaked. See:
http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.3
for more details on pam_cracklib.)

A better approach might be to install "pwgen" which generates
strong, pronounceable (at least in theory) passwords. You or
your users can use this program. (Install from source only,
the RPM packages on the net seem to work differently.)

Whatever you do technically, make sure you follow the security
policy at your organization. (If you get to set that, make
sure you document your password policy!)

Finally there is a command "authconfig". If you use authconfig
it will wipe out the changes you made by hand to this file!
I suggest you turn off execute permission on this command to
prevent accidents.

Hope this helps!

-Wayne
Post by jfewebs
Does anyone know how to reset the password minimum length in RedHat 8.0
from 6 to 5?
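
The credit arithmetic described in Wayne Pollock's post above, as an added example that is not part of the original thread and not pam_cracklib's own code. It models only the length check (dictionary and other cracklib checks are not modeled); the function names are hypothetical, and the handling of negative credit values (a required minimum count for a character class) goes beyond what the post covers.

```python
import string

# pam_cracklib defaults as described in the post: minlen=9, one credit per class.
DEFAULTS = {"minlen": 9, "dcredit": 1, "ucredit": 1, "lcredit": 1, "ocredit": 1}


def class_counts(password):
    """Count digits, uppercase, lowercase and 'other' characters."""
    counts = {"dcredit": 0, "ucredit": 0, "lcredit": 0, "ocredit": 0}
    for ch in password:
        if ch in string.digits:
            counts["dcredit"] += 1
        elif ch in string.ascii_uppercase:
            counts["ucredit"] += 1
        elif ch in string.ascii_lowercase:
            counts["lcredit"] += 1
        else:
            counts["ocredit"] += 1
    return counts


def required_length(password, **options):
    """Return the length this password must reach, or None if a
    negative credit (a required minimum count for a class) is unmet."""
    opts = {**DEFAULTS, **options}
    need = opts["minlen"]
    for name, seen in class_counts(password).items():
        credit = opts[name]
        if credit >= 0:
            need -= min(seen, credit)   # credit is capped per class
        elif seen < -credit:
            return None                 # e.g. dcredit=-2 demands two digits
    return need


def length_ok(password, **options):
    """True when the password passes the modeled length/credit check."""
    need = required_length(password, **options)
    return need is not None and len(password) >= need


if __name__ == "__main__":
    # Constructed sample passwords, checked against the default settings.
    for pw in ["abcdefg", "abcdefgh", "Abcdefg", "Abcde1", "!X1g%"]:
        print(f"{pw!r:12} needs {required_length(pw)} chars ->",
              "accepted" if length_ok(pw) else "too short")
    # The original question: which minlen admits five lowercase letters?
    print("minlen=6, 'abcde':", length_ok("abcde", minlen=6))
```

Under this model, five all-lowercase characters pass once minlen is 6, because the single lowercase credit covers the remaining character.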