Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
Operating System - Tru64 Unix
cancel
Showing results for 
Search instead for 
Did you mean: 

Enhanced security...

SR Rao
Advisor

Enhanced security...

As per the edauth output the u_minlen is 0. But when I try to create a user with null password, it doesnt allow me.
Referring prpasswd man pages, it said " u_minlen ==> The number in this field specifies the minimum length of the user account password. If the field is zero, a dynamic value is calculated as defined in the Green Book."
Can some one guide me to the Green Book.
4 REPLIES
Ann Majeske
Honored Contributor

Re: Enhanced security...

The "Green Book" is the (old) U.S. Government document describing the C2 level security requirements. It was published with a green cover. You might be able to find this on a U.S. Government site somewhere.

To allow null passwords, set the u_nullpw field.

Ann
SR Rao
Advisor

Re: Enhanced security...

Thanks for the information. Meanwhile I have struck with one more issue.
The u_maxlen is set to 10 and u_minlen is set to 0. Now I understand that we cannot have a null password because of u_nullpw. But what is stopping me from setting the password to 1 or 2 letter length. Upon trying to change the password it prompts me to keep the password length from 9 to 80 characters!
Ann Majeske
Honored Contributor

Re: Enhanced security...

There are different length fields for generated and user chosen passwords. Check out the definitions for u_minchosen and u_maxchosen.

Ann
Mark Poeschl_2
Honored Contributor

Re: Enhanced security...

Since your u_minlen is still set to zero you are using the minimum length specified in the "Green Book" - whatever that is - it's almost certainly greater than 2. If you really want 1 or 2 character passwords you should set u_minlen to 1.