HPE Community
Operating System - HP-UX
1753776 Members
7060 Online
108799 Solutions
New Discussion юеВ

passwd comments in the logins cmd

 
SOLVED
Go to solution
Peter Gillis
Super Advisor

тАО10-26-2004 01:37 PM

тАО10-26-2004 01:37 PM

passwd comments in the logins cmd

HI,
ux11.11v1, untrusted sys.
`logins -x` cmd the output shows a third column after the 'time between paswd changes in days' and the 'expiration time in days' columns. I can find no explanantion for this info. Can anyone tell me what it is indicating. Our values include -1 in this column.

Thanks
Maria.
0 Kudos
5 REPLIES 5
Sridhar Bhaskarla
Honored Contributor

тАО10-26-2004 02:19 PM

тАО10-26-2004 02:19 PM

Re: passwd comments in the logins cmd

Hi,

'time between passwd changes' and 'expiration time in days' will have meaningful information trusted systems. 'time between passwd changes' is the minimum time required between the password changes. If you change the password now, it means you will have wait that long to change your password again. "expiration time in days' is the number of days after your password will expire. -1 indicates that this attribute is not applicable.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
D Block 2
Respected Contributor

тАО10-26-2004 02:38 PM

тАО10-26-2004 02:38 PM

Re: passwd comments in the logins cmd

I also see:
PS 000000 -1 -1 -1
on a non-trusted system.

Golf is a Good Walk Spoiled, Mark Twain.
0 Kudos
Peter Gillis
Super Advisor

тАО10-26-2004 03:01 PM

тАО10-26-2004 03:01 PM

Re: passwd comments in the logins cmd

Sridah, Tom, thanks for reply. I am running untrusted system, but from the output the 'time between change' and expiration' cols do appear to be valid for most of the users but I too have a number of entries with 'PS 000000 -1 -1 -1'. I understand this is a valid password, but not the -1 -1 -1. would this have anything to do with having carried out op system upgrades through the life of the system and its users? Also, I have some (quite a few actually) entries with 'PS 010170 7 0 -1' . This date looks like somekind of default date. Any thoughts on how I can get all my date entries to make sense or have erasonable explanations??

Thanks heaps for responses...plenty of points around..
Maria
0 Kudos
Sridhar Bhaskarla
Honored Contributor

тАО10-26-2004 03:46 PM

тАО10-26-2004 03:46 PM

Solution

Re: passwd comments in the logins cmd

Hi Maria,

Even in case of non-trusted systems, it is possible to maintain password expiry options to certain extent. Look at 'man 4 passwd' on constructing password aging. 010170 has a signifance as it is the base date for UNIX implementations. If you find an encrypted password string trailing by a ',', then password aging is applied to that account. The first character followed by , denotes the number of weeks before the password will expire. Next character is the 'minimum time between the password changes'. Look at the above man page for more information.

For the logins where you are seeing some meaningful output, check the encrypted string. It should have a format similar to above.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Peter Gillis
Super Advisor

тАО01-10-2005 10:28 AM

тАО01-10-2005 10:28 AM

Re: passwd comments in the logins cmd

thanks
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.