HPE Community
Operating System - HP-UX
1760048 Members
3077 Online
108889 Solutions
New Discussion юеВ

Re: Trusted System: Access denied.

 
Gerrit Pretorius
Occasional Advisor

тАО03-28-2007 07:07 PM

тАО03-28-2007 07:07 PM

Trusted System: Access denied.

Hi

When running passwd -f to force him to change passwd at next login, the user gets Access denied. This happens for all users.
Customer is running HP-UX 11:11 and the system is a Trusted system.

Need help!!
0 Kudos
8 REPLIES 8
Darren Prior
Honored Contributor

тАО03-28-2007 08:47 PM

тАО03-28-2007 08:47 PM

Re: Trusted System: Access denied.

Hi Gerrit,

This option is only available to the superuser. Are you able to run passwd -f from root?

regards,

Darren.
Calm down. It's only ones and zeros...
0 Kudos
Gerrit Pretorius
Occasional Advisor

тАО03-28-2007 09:12 PM

тАО03-28-2007 09:12 PM

Re: Trusted System: Access denied.

Darren

The passwd -f option is run as root. The command execute successful but when the user tried to login he gets Access denied. I am currently busy installing Trusted System patches for HP-UX11.11
0 Kudos
Reshma Malusare
Trusted Contributor

тАО03-28-2007 10:04 PM

тАО03-28-2007 10:04 PM

Re: Trusted System: Access denied.

Hi Gerrit,
Please have a look on following thread.It is similar to your problem:

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1112517

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1070087
0 Kudos
Gerrit Pretorius
Occasional Advisor

тАО03-28-2007 10:05 PM

тАО03-28-2007 10:05 PM

Re: Trusted System: Access denied.

Hi

I have converted the system back to a None Trusted system. The user is still getting Access denied after ROOT has run a passwd -f on the username. Evering is fine when changing the user passwd (passwd )
I am getting the following errors in syslog when user attempts the login after the passwd -f change.

Mar 29 11:50:49 tbdev sshd[16519]: PAM rejected by account configuration[10]: Get new authentication token
Mar 29 11:50:49 tbdev sshd[16519]: Failed password for jose from 172.17.5.19 port 1640

This looks more like a PAM issue than a Trusted System issue.

Any ideas...
0 Kudos
Reshma Malusare
Trusted Contributor

тАО03-28-2007 10:12 PM

тАО03-28-2007 10:12 PM

Re: Trusted System: Access denied.

Hi Gerrit,
From the error you got its related to PAM.

The function, pam_sm_authenticate(), is called to verify the identity of the current user. The user is usually required to enter a password or similar authentication token depending upon the authentication scheme configured within the system. The user in question is specified by a prior call to pam_start(), and is referenced by the authentication handle, pamh.

If the user is unknown to the authentication service, the service module should mask this error and continue to prompt the user for a password. It should then return the error, PAM_USER_UNKNOWN.

0 Kudos
Reshma Malusare
Trusted Contributor

тАО03-28-2007 10:15 PM

тАО03-28-2007 10:15 PM

Re: Trusted System: Access denied.

Hi Gerrit,
Refer following document.. Here you will get idea..what exactly happening:
http://docs.hp.com/en/B2355-60130/pam_sm_authenticate.3.html

Thanks & Regards
Reshma

Please also read:
http://forums1.itrc.hp.com/service/forums/helptips.do?#33 on how to reward any useful answers given to your questions.
You have awarded points to 0 of 5 answers.
0 Kudos
Gerrit Pretorius
Occasional Advisor

тАО04-09-2007 08:14 PM

тАО04-09-2007 08:14 PM

Re: Trusted System: Access denied.

Hi

The problem was resolved by install the latest OpenSSH software. We have noticed that when doing a normal telnet to the server, after the passwd -f changed, we are getting the expected output. Only when ssh to the server we gettig Access Denied.

Thanks
Gerrit
0 Kudos
Gerrit Pretorius
Occasional Advisor

тАО04-09-2007 08:21 PM

тАО04-09-2007 08:21 PM

Re: Trusted System: Access denied.

Please see previous entry

thanks
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.