topic security in Operating System - HP-UX

security

Vogra — Mon, 11 Jun 2001 18:40:06 GMT

Hi All!
if it's possible, how can I disable de security on HP-UX.11.00.
Thanx.

Re: security

Patrick Wallek — Mon, 11 Jun 2001 18:49:03 GMT

What do you mean disable security? There are many levels of unix security. What specifically are you trying to accomplish?

Re: security

Vogra — Mon, 11 Jun 2001 19:50:36 GMT

/etc/passwd have the line:
vsul:*:403:125:User2,,,:/userbaan:/usr/bin/sh
I have to see de field password (encripted, I know).

Re: security

MANOJ SRIVASTAVA — Mon, 11 Jun 2001 19:57:18 GMT

Hi Claudio

I dont think think you can decrypt the passwd string , however as an root you can change it to another on w/o knowing the original passwd .This way you can log into that user .But it is not possible to decrypt the passwd .

Manoj Srivastava

Re: security

Jim Turner — Mon, 11 Jun 2001 19:59:18 GMT

Claudio,

Presuming you have an asterisk (*) as the password in every /etc/passwd entry, you are working with a trusted system. All you need to do is untrust the system.

/usr/lbin/tsconvert -r

Cheers,
Jim

Re: security

Patrick Wallek — Mon, 11 Jun 2001 19:59:34 GMT

If the passwd field in /etc/passwd has a * in it and the user can still log in, then it sounds as if you have a trusted system. If you are sure you want to "un-trust" it, you can do so with the command 'tsconvert -r'. If you just want to look at the passwd field for a user, check the appropriate file in /tcb/files/[a-z]|[A-Z] for that particular user.

Re: security

Vogra — Mon, 11 Jun 2001 20:06:41 GMT

Hi Manoj,
I need to adduser in server 2 that existing in server 1 than I copy line with all information from server1 to server 2. Now it's not possible (?).

Re: security

Bill Hassell — Mon, 11 Jun 2001 23:41:58 GMT

Correct. A Trusted System is designed to protect the password from hackers. You can obtain the encrypted password in the /tcb directory but you must be root to read the /tcb information. It is located in the user's database entry.

Re: security

Rui_3 — Mon, 18 Jun 2001 07:38:15 GMT

Hi,

If your system is a trusted system and you want to do this so that you can copy a user from one system to the other you can still do this, just run /usr/lbin/tsconvert -c in the end to sync the passwords in the /etc/passwd file to the passwords in the /tcb database.

As a plus if you only want to access the encrypted password, this is located on individual files for each user in the /tcb/files/auth//

regards