- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: understanding /etc/passwd.
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-10-2009 05:15 AM
тАО03-10-2009 05:15 AM
Solutionin a normal untrusted system, a password of "*" indicates the account was locked.
In your example, lines 1-4 the accounts are locked, while in 5-7 the user has a valid passwd assigned (which is encrypted). you won't see "plaintext" in the password field.
1)cmurphy:*:200:21:C.C.Murphy,US HQ,6588,:/home/murphy:/bin/ksh
2)klabunde:*:252:28:M.C.Klabunde,,,:/home/klabunde:/bin/ksh
3)pwrchute:zf67.sLB9vFPE:257:10:PowerChutePlus,,,:/home/pwrchute:/bin/ksh
4)weber:*:277:32:D.M.Weber,eds,,:/home/weber:/bin/ksh
5)mckeen:xQUDOfLwcnNB6:338:36:C.A.McKeen,EMD LMC,,:/home/ccm/home/mckeen:/bin/ksh
6)ktieman:4Py4ttQiGGxo.:365:36:Ken Tieman,EMD LMC,,:/home/ktieman:/bin/ksh
7)dandawat:xVUyMpkuSeWUY:399:21:Y Dandawate,,,:/home/pz2tl1:/bin
as for "2)How to create encrypted password.?"
Huh? As root, "password
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2009 01:22 AM
тАО03-11-2009 01:22 AM
Re: understanding /etc/passwd.
such as upto which version trusted system available? and in which version shadowed introduced.? and what is the file names such as "/tcb/files/autt" and "/etc/shadow"
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2009 01:54 AM
тАО03-11-2009 01:54 AM
Re: understanding /etc/passwd.
Later, because /etc/passwd had to be world readable to allow various library routines to access the other user details stored there, it was thought that this was insecure, and the /etc/shadow file was added to hold the password hash (still computed in the same way). This file could be readable only by root, as the only routines which needed to access it (login, su, and the like) would have to be effectively running as root.
The implementations of the original passwd and shadow files are fairly consistent across manufacturers, but the various manufacturers implementations of the "trusted systems" concepts are less so. (Possibly this is why trusted systems are now deprecated at 11.31?)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2009 02:10 AM
тАО03-11-2009 02:10 AM
Re: understanding /etc/passwd.
before HP-UX - 9 ---> /etc/passwd
HP-UX 9 ---> /secure/etc/passwd
HP-UX 10+ ---> /tcb/files/auth
HP-UX 11.23+ --> /etc/shadow.
Is this information correct?
which is more secure "/etc/shadow" or "/tcb/file/auth"?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2009 05:48 AM
тАО03-11-2009 05:48 AM
Re: understanding /etc/passwd.
the 'tbc' related stuff indicates that the system in question has been converted to "trusted". Which as JRF noted above, is deprecated at 11.31 (may not be supported int the future)
"shadow" password package is available for 11.11 and up.
as to which is "more secure", I can't address that, but the current direction is moving away from trusted system to shadow password.
of course there are other authentication methods available (LDAP, NIS+ and so forth).
I'm not sure I understand the facination w/ the "history" and which OS versions used what files / methods...especially versions older than 11.xxx.
What is it you are trying to accomplish?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2009 05:56 AM
тАО03-11-2009 05:56 AM
Re: understanding /etc/passwd.
Both shadow and trusted system has it's own features.
shadow password is mainly for shadowing the passwords. It encrypts and storing some place other than /etc/password which others cannot even see it.
Whereas trusted system has features like password policy, account restrictions, auditing and so many.
Ganesh.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2009 05:57 AM
тАО03-11-2009 05:57 AM
Re: understanding /etc/passwd.
Trusted systems were available with HP-UX 10.20 and continue to be available even with 11.31.
Shadow passwords became available with HP-UX 11.11 with an additional software package that you had to install separately. Starting with 11.23, that option came standard with the OS.
I don't know about /secure/etc/passwd. I'm not familiar with that option.
From my recollections:
/etc/passwd -- ALL HP-UX versions
Trusted systems -- /tcb/ structure -- HP-UX 10.20 and later (though this will be desupported in future releases)
Shadow Passwords -- HP-UX 11.11 (with additional software instaleld) -- HP-UX 11.23 and later as standard functionality
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2009 06:14 AM
тАО03-11-2009 06:14 AM
Re: understanding /etc/passwd.
Not only shadow and trusted config. There are lot of security products available for HP
If you want to know more about which product support on which version refer this table. 11iV3 not included.
HP-UX 11.00 11i v1 (11.11) 11i v2 (11.23)
--------------------------------------------------------------------------
Standard System Security x x x
/etc/default/security x x x
Trusted Systems x x x
Shadow Passwords x x
HP-UX Security Containment x
SMSE x
RBAC x
Boot Authenticator x x
Bastille x x x
HIDS x x
Random Number Generator x x
Ganesh.
- Tags:
- SMSE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2009 06:20 AM
тАО03-11-2009 06:20 AM
Re: understanding /etc/passwd.
HP-UX 11.00 11.11 11.23
-----------------------------------------------------
Standard System Security Y Y Y
/etc/default/security Y Y Y
Trusted Systems Y Y Y
Shadow Passwords N Y Y
HP-UX Security Containment N N Y
SMSE N N Y
RBAC N N Y
Boot Authenticator N Y Y
Bastille Y Y Y
HIDS N Y Y
Random Number Generator N Y Y
Ganesh.
- « Previous
- Next »