https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042371#M134580 Hi,<BR /><BR />HP-UX doesn't use an /etc/shadow file. You are right in saying that the /tcb hierarchy contains the required information.<BR /><BR /><BR />Hope this helps.<BR /><BR /> Wed, 06 Aug 2003 08:06:45 GMT Tim Adamson_1 2003-08-06T08:06:45Z https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042368#M134577 I've been asked to supply a shadow file for an audit. We're running a trusted system on 10.20 (decided to run on this until changing systems entirely).<BR /><BR />My understanding is that all the passwords live in /tcb/files...<BR />Is there a shadow file as well?<BR /><BR />PS: Which is better?<BR /><BR />Thanks hugely for all comments, suggestions and advice. Wed, 06 Aug 2003 07:41:10 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042368#M134577 Gavin Clarke 2003-08-06T07:41:10Z https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042369#M134578 Hi,<BR /><BR />If it is a trusted system then /etc/shadow file is not used. Instead the files for users under /tcb/files/auth/ directory.<BR /><BR />Give those files for analysis. <BR /><BR />regards,<BR /><BR />U.SivaKumar Wed, 06 Aug 2003 08:00:31 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042369#M134578 U.SivaKumar_2 2003-08-06T08:00:31Z https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042370#M134579 Hi,<BR /><BR />You are correct, trusted system lives in /tcb, and there is no shadow file.<BR /><BR />Maybe this helps ...<BR /><BR /><A href="http://www.ussg.iu.edu/usail/tasks/security/hp/hp.html" target="_blank">http://www.ussg.iu.edu/usail/tasks/security/hp/hp.html</A><BR /><BR />And about Shadow check this ...<BR /><BR /><A href="http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=ShadowPassword" target="_blank">http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=ShadowPassword</A><BR /><BR />I think you can supply the trusted system for an audit ( /etc/passwd with no encrypted passwd ... )<BR />Hope this helps.<BR /><BR />Regards,<BR />Zigor Wed, 06 Aug 2003 08:02:56 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042370#M134579 Zigor Buruaga 2003-08-06T08:02:56Z https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042371#M134580 Hi,<BR /><BR />HP-UX doesn't use an /etc/shadow file. You are right in saying that the /tcb hierarchy contains the required information.<BR /><BR /><BR />Hope this helps.<BR /><BR /> Wed, 06 Aug 2003 08:06:45 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042371#M134580 Tim Adamson_1 2003-08-06T08:06:45Z https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042372#M134581 Great stuff, Thankyou all so much for confirming my suspicions.<BR /><BR />Tim, I read in a post that you can get a shadow password file on 11i, which is why I asked which is better. Thanks very much for your reply, it has helped me alot. Wed, 06 Aug 2003 08:13:03 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042372#M134581 Gavin Clarke 2003-08-06T08:13:03Z https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042373#M134582 Congratulations on your graduation too! Wed, 06 Aug 2003 08:16:25 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042373#M134582 Gavin Clarke 2003-08-06T08:16:25Z https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042374#M134583 Hi,<BR /><BR />In HP-UX 11iv1.6 they introduce a new Shadow Password feature so that post is correct.<BR /><BR />Check the 11iv1.6 release notes at <A href="http://www.docs.hp.com." target="_blank">www.docs.hp.com.</A> <BR /><BR />I have no idea if it will be supported after that vrsion of HP-UX.<BR /><BR />I hope that clarifies things. Probably makes it muddier :p<BR /><BR /><BR />Cheers Wed, 06 Aug 2003 08:30:54 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042374#M134583 Tim Adamson_1 2003-08-06T08:30:54Z https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042375#M134584 Just being picky really.<BR /><BR />I suppose I could pursue the shadow vs. trusted question, however since we're not running that version yet, well I might just find a cup of tea and create some user accounts that have been awaiting my attention instead. Funny how the little important things get brushed aside when there's an audit going on.<BR /><BR />Thanks again for your help. Wed, 06 Aug 2003 08:46:02 GMT https://community.hpe.com/t5/operating-system-hp-ux/etc-shadow/m-p/3042375#M134584 Gavin Clarke 2003-08-06T08:46:02Z