- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: 11.11 Pass aging defaults not in /etc/default/...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2010 09:26 AM
тАО03-30-2010 09:26 AM
11.11 Pass aging defaults not in /etc/default/security
Hello all;
I am running a non trusted system that can not be converted to trusted. I know about the /etc/default/security file but there are no password aging options available in there.
reading the man for passwd I notice there is -s to display all the aging options and -n -w -x to set min warn max. I know that these are kept in the last two fields in the encrypted password. So there has to be a default file somewhere that has these standard values configured in them?? somewhere?? maybe??
So my question is: where is the file that sets the default configuration for password aging on a non trusted systems??
In 11.23 or 11iv2 these password aging settings are moved to the security file but in 11.11 I noticed that only settings related to password security are used in the security file for 11.11..
any help would be appreciated.
Shane
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2010 09:37 AM
тАО03-30-2010 09:37 AM
Re: 11.11 Pass aging defaults not in /etc/default/security
You can convert to a shadow password file on 11.11, too by adding:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ShadowPassword
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2010 09:50 AM
тАО03-30-2010 09:50 AM
Re: 11.11 Pass aging defaults not in /etc/default/security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2010 10:50 AM
тАО03-30-2010 10:50 AM
Re: 11.11 Pass aging defaults not in /etc/default/security
I am looking to modify the min max and warn aging entries. I do see that the man page for passwd says warn is only available for trusted. However doing a passwd -s -a I can see how the password aging defaults are set. but what file keeps the defaults??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2010 12:32 PM
тАО03-30-2010 12:32 PM
Re: 11.11 Pass aging defaults not in /etc/default/security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2010 12:40 PM
тАО03-30-2010 12:40 PM
Re: 11.11 Pass aging defaults not in /etc/default/security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2010 12:46 PM
тАО03-30-2010 12:46 PM
Re: 11.11 Pass aging defaults not in /etc/default/security
In the legacy '/etc/passwd' file, aging can be defined when the encrypted password is followed by a comma and a non-null string of characters.
See the manpages for 'passwd(4)'.
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2010 02:28 PM
тАО03-30-2010 02:28 PM
Re: 11.11 Pass aging defaults not in /etc/default/security
Aging defaults can be set a number of ways.
The default is 63 days, if memory serves me correctly.
You can set the system default on a non-trusted system with the sam utility.
You can change users individually this way as well.
You can also use the passwd command to set user expiration policy user by user with a shell script.
In a non-trusted system, as stated above, the password is stored, encrypted in /etc/passwd
See this file for what you should expect with the /etc/default/security file and what you can do.
http://docs.hp.com/en/B3920-90091/ch11s03.html
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com