trust/u_maxlen

minmoo — Tue, 08 Jan 2002 09:52:56 GMT

hi
on the trusted system, u_maxlen is 8.
user had a 8 char password on the untrusted system. When some user login a trusted system, system accept 7 char password. In other words, user types 8 char password, login abort.

help, how can i solve it?

Re: trust/u_maxlen

Alan Casey — Tue, 08 Jan 2002 10:39:16 GMT

The following may help:

Date : 1998 Apr 19
Description : 10.20 trusting of system corrupted passwords > 8 characters
Document Id : A4625674
Search String : trusted system password length

You may provide feedback on this document

View the printer friendly version of this document

--------------------------------------------------------------------------------

Problem Description

When converting my system to trusted, it no longer recognizes
my root password. Why?

Configuration Info

Operating System - HP-UX
Version - 10.20
Hardware System - H50

Solution

On a HP-UX 10.20 trusted system, if your password is greater than 8
characters, and the system is unconverted from trusted (using SAM),
the entry in /etc/passwd can become corrupt.

Also when a user has a password length greater than 8 character on
a non-trusted system, and then the system is converted to trusted,
you can only login with the first 8 characters of that password.

Standard UNIX truncates passwords to 8 characters; C2 UNIX does not.
Passwords greater than 8 characters are truncated to 8 characters
on standard UNIX. After conversion to C2, the user can change the
password to greater than 8 characters.

This problem has been fixed for HP-UX 10.00, 10.01 and 10.10
by patch PHCO_7863.

SAM restricts passwords to 8 characters or less when creating new
accounts; however, the passwd command allows passwords of greater
than 8 characters to be created.

The maximum password length default can be modified through SAM.
By default it is set at 8 characters (system wide).

The path to find it in SAM:

Auditing & Security ->
System Security Policies ->
Password Format Policies

a. At the bottom of the screen you will find:
Maximum password length: 8

b. Change this to the desired length and select OK.

c. You will then see the System Security Policies window,
select OK once more to activate the change.

d. A window containing the following is displayed:

NOTE
successfully changed the system securities policies

e. Select OK

This will work correctly only for new accounts that are established
through SAM after the system has already been converted. There
is still a problem for any user accounts that have passwords
containing 8 or more characters prior to converting to a trusted
system.

Password lengths can also be modified for individual user accounts
through SAM:

Accounts for Users and Groups ->
SAM Users

a. Select user account to modify:

Choose ACTIONS menu option ->
Modify Security Policies ->
Password Format Policies

b. At the bottom of the screen:
Maximum Password Length [Default 8]
Press RETURN

c. Select Customize
Enter the desired password length
Select OK

d. Select OK once again at the Modify Users Security
Policies window to activate the change.

Again, this works for accounts that are established through SAM after
system has already been converted to trusted.

topic Re: trust/u_maxlen in Operating System - HP-UX

trust/u_maxlen

Re: trust/u_maxlen