Null password warning

OM IT Services — Fri, 12 Oct 2007 03:47:35 GMT

Why I have this message on 11.23?

HP-UX h3mih268 B.11.23 U ia64 (ta)

login: root
Password:
You are not allowed to have a null password.

On other system 11.23 I put Login:root, Password: "blank"(nothing and press enter) and I have not this message.

???

Re: Null password warning

whiteknight — Fri, 12 Oct 2007 03:52:27 GMT

Hi,

Possible you are using trusted system ?

WK

Re: Null password warning

OM IT Services — Fri, 12 Oct 2007 03:58:58 GMT

trusted is disabled on both system

Re: Null password warning

J. Bravo — Fri, 12 Oct 2007 06:40:48 GMT

Hi!

Do you have checked the /etc/default/security file? It's possible that the ALLOW_NULL_PASSWORD parameter is disabled.

Regards;

J. Bravo.

Re: Null password warning

Torsten. — Fri, 12 Oct 2007 07:00:06 GMT

Message or not - IMHO it is a very bad idea to use the root account without a password.

Anyone with access to the system can destroy everything ...

Re: Null password warning

OM IT Services — Fri, 12 Oct 2007 08:15:51 GMT

there are no entry in /etc/default/security:

h3mih268:/#uname -a
HP-UX h3mih268 B.11.23 U ia64 1157013024 unlimited-user license
h3mih268:/#grep -i null /etc/default/security
h3mih268:/#more /etc/default/security
# Security settings:
# See security(4) for supported variables, their
# interpretation, applicability restrictions,
# and their default values.
#
# NOTE: A short description of each supported variable
# is also provided in this template for your convenience.
# However, many of this information could change in the
# future. For the most up-to-date information, please
# refer to the security(4) man page.

# Do not allow logins unless the home directory exists.
# NOTE: This parameter only applies to the login(1)
# command and other services that call it indirectly.
# ABORT_LOGIN_ON_MISSING_HOMEDIR=1

# Standard and Shadow modes only: Flag to
# enable/disable authentication when booting
# into single user mode
# BOOT_AUTH=0

# Standard and Shadow modes only: When BOOT_AUTH=1,
# the list of users who are given authorization to
# boot the system into single user mode
# BOOT_USERS=root

# Minimum length of NEW passwords.
# MIN_PASSWORD_LENGTH=8

# Check for /etc/nologin at login time. NOTE: This
# parameter only applies to the applications that
# use session management services provided by
# pam_hpsec(5) as configured in /etc/pam.conf, or
# those services that indirectly invoke the
# login(1) command.
# NOLOGIN=1

# Maximum number of logins per user. NOTE: This
# parameter only applies to the applications that
# use session management services provided by
# pam_hpsec(5) as configured in /etc/pam.conf, or
# those services that indirectly invoke the
# login(1) command.
# NUMBER_OF_LOGINS_ALLOWED=0

# Trusted mode only: password history depth
# PASSWORD_HISTORY_DEPTH=4

# Optional restrictions for new passwords
# PASSWORD_MIN_UPPER_CASE_CHARS=0
# PASSWORD_MIN_LOWER_CASE_CHARS=0
# PASSWORD_MIN_DIGIT_CHARS=1
# PASSWORD_MIN_SPECIAL_CHARS=2

# Standard and Shadow modes only: number
# of days that passwords are valid
# PASSWORD_MAXDAYS=175
# PASSWORD_MINDAYS=14

# Shadow mode only: number of days prior to
# password expiration to give a warning
# PASSWORD_WARNDAYS=14

# New PATH upon su
# SU_DEFAULT_PATH=/sbin:/usr/sbin:/bin:/usr/bin

# Force su to propagate specified unsafe
# environment variables.
# SU_KEEP_ENV_VARS=HOME,SHLIB_PATH

# Users attempting to su to root must be a memeber
# of this group
# SU_ROOT_GROUP=wheel

# Default umask value upon login. Note: This
# parameter controls umask(2) of all sessions
# initiated via pam_unix(5) and/or pam_hpsec(5).
# UMASK=022

topic Re: Null password warning in Operating System - HP-UX

Null password warning

Re: Null password warning

Re: Null password warning

Re: Null password warning

Re: Null password warning

Re: Null password warning