HPE Community
Operating System - HP-UX
1753797 Members
7291 Online
108805 Solutions
New Discussion юеВ

password in trusted mode.

 
Srimalik
Valued Contributor

тАО06-16-2008 12:51 AM

тАО06-16-2008 12:51 AM

password in trusted mode.

Hi,

I had a untrusted system with a password more than 8 chars(I know its of no use in case of untrusted system) say: abcd123456.

from this if I entered only the first eight chars I was able to login.

Now I convert the system to trusted mode and set the password limit to 20 chars.

Now also I see the same behavior I am able to login with abcd1234 as well as abcd123456.

I have not changed the password while converting the system to trusted mode. so the password is still abcd1234 (56 should be ignored as the hash never had this part)

Is this expected?? shouldn't the login fail when I try the password "abcd123456"???
It should only succeed with abcd1234.



-Sri
abandon all hope, ye who enter here..
0 Kudos
16 REPLIES 16
Jeeshan
Honored Contributor

тАО06-16-2008 01:01 AM

тАО06-16-2008 01:01 AM

Re: password in trusted mode.

Hi Sri

if you want to get benefitted of the trusted system, you may need to reset the password more that 8 characters.
a warrior never quits
0 Kudos
Srimalik
Valued Contributor

тАО06-16-2008 01:05 AM

тАО06-16-2008 01:05 AM

Re: password in trusted mode.

Thanks for the reply Ahsan

I can always reset the the password to more more than 8 chars.
My doubt is about the behavior of system.

I am writing an app which will behave exacly similar to the login prompt. so I used
crypt to authenticate on a untrusted system and bigcrypt on an untrusted system.

But for the above scenarios the results for my app. and login prompt do not match. :-(

I want to confirm where the behaviour shon by the login program is correct in trusted mode. It allows me to login with two passwords.



abandon all hope, ye who enter here..
0 Kudos
Srimalik
Valued Contributor

тАО06-16-2008 01:08 AM

тАО06-16-2008 01:08 AM

Re: password in trusted mode.

Found a thered with similar contents but not closure

http://forums11.itrc.hp.com/service/forums/questionanswer.do?admit=109447626+1213594642072+28353475&threadId=1184575
abandon all hope, ye who enter here..
0 Kudos
Avinash20
Honored Contributor

тАО06-16-2008 02:42 AM

тАО06-16-2008 02:42 AM

Re: password in trusted mode.

Please share the OS version
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
0 Kudos
Avinash20
Honored Contributor

тАО06-16-2008 03:07 AM

тАО06-16-2008 03:07 AM

Re: password in trusted mode.

When passwords on trusted systems are 8 bytes long you can enter a
password longer than 8 bytes and login to the system (as long as the
first 8 bytes match).

This CR asks that only the password entered be used to allow access to
the system if it fully matches the encrypted user password. That is
compare all of the password entered don't truncate it to 8 characters
for password matching.

The fix for 11.11 is delivered through PHCO_35250.
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
0 Kudos
Avinash20
Honored Contributor

тАО06-16-2008 03:28 AM

тАО06-16-2008 03:28 AM

Re: password in trusted mode.

The above is the known issue, and has been fixed with the patch mentioned above.
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
0 Kudos
Srimalik
Valued Contributor

тАО06-16-2008 04:24 AM

тАО06-16-2008 04:24 AM

Re: password in trusted mode.

Thanks Avinash

Is a equivalent patch available for 11.23?

-Sri
abandon all hope, ye who enter here..
0 Kudos
Srimalik
Valued Contributor

тАО06-16-2008 04:28 AM

тАО06-16-2008 04:28 AM

Re: password in trusted mode.

I could not find it in the patchequilancy table:
http://www12.itrc.hp.com/service/patch/document.do?docId=equiv_data1111

I am running a 11.23 june 2007 release.

-Sri
abandon all hope, ye who enter here..
0 Kudos
Avinash20
Honored Contributor

тАО06-16-2008 04:47 AM

тАО06-16-2008 04:47 AM

Re: password in trusted mode.

Here it goes

PHCO_35251 libpam_unix cumulative patch
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.