topic Re: Root Password in Operating System - HP-UX

Root Password

P.V.Ramesh — Fri, 16 Aug 2002 17:27:49 GMT

Hi

How to increase the no of attempts for root login account.

Ramesh

Re: Root Password

Patrick Wallek — Fri, 16 Aug 2002 17:34:04 GMT

The easiest way is to go into SAM, select the root user, then select the ACTIONS menu (I think) and then under one of the menus there is an option to increase the no of attempts for invalid root logins before it disables it.

Re: Root Password

Kelli Ward — Fri, 16 Aug 2002 17:34:56 GMT

One quick way would be to modify the root user in the User section of SAM.
Another way is to use the modprpw command on a trusted system.
Good luck,
Kel

Re: Root Password

P.V.Ramesh — Fri, 16 Aug 2002 17:36:12 GMT

Mr. Patrick

But all this information will be writen in one of the file. I would like to know which file this information available.

Re: Root Password

Patrick Wallek — Fri, 16 Aug 2002 17:37:58 GMT

I don't know this for certain, but I THINK that this information is contained in the /tcb/auth/r/root file. I think that's the right path.

To verify just look for root in the /tcb directory structure.

Re: Root Password

P.V.Ramesh — Fri, 16 Aug 2002 17:42:21 GMT

My machine i not having /tcb directory. How do i know the password is trusted or not.

Re: Root Password

Kelli Ward — Fri, 16 Aug 2002 17:43:53 GMT

Hi All,
For a trusted system it should be in
/tcb/auth/pfiles/r/root
(might have reversed auth and pfiles)
Use care when modifying that file directly.

For some reason, I was thinking this could also be done in a non-trsuted system in SAM but was just looking and didn't see anything. I was probably thinking of password aging.
Good luck
Kel

Re: Root Password

Kelli Ward — Fri, 16 Aug 2002 17:59:39 GMT

Hi,
Sorry 'bout that, I was writing my response while you were writing your question.
If you have no /tcb directory, your system is not trusted. All the trusted mode database files are within that directory.
Let me see if I can figure out how to increase users in a non-trusted environment.
I can't remember if or how. Again, I can only think of password aging.
By the way,
Are you getting an error with a user? If so, what is it? Also, was version of unix are you running?
Thanks,
Kel

Re: Root Password

Sridhar Bhaskarla — Fri, 16 Aug 2002 18:00:31 GMT

Ramesh,

Run the following command

/usr/lbin/getprpw root

In the output note the value of umaxlntr. It is the number of unsuccessful attempts.

If your system is not trusted, you will get the error message that the system is not trusted.

getprpw reads the info from /tcb/files/auth/r/root file

If your system is not trusted, you do not need to worry about the no of attempts unless you are running any third party password management tools like Control-SA, e-Trust etc.,

-Sri

Re: Root Password

Kelli Ward — Fri, 16 Aug 2002 18:07:19 GMT

Also, root can lock an account with passwd -l
This could have happened to you as well. Check /etc/passwd, if the users encrytped password was replaced with a * (after second colon) that could be it.

I think Sri might have hit it on the head with a 3rd party software.

Kel