HPE Community
Operating System - Tru64 Unix
1752751 Members
5058 Online
108789 Solutions
New Discussion юеВ

Re: Enhanced security...

 
SR Rao
Advisor

тАО12-08-2006 12:19 AM

тАО12-08-2006 12:19 AM

Enhanced security...

As per the edauth output the u_minlen is 0. But when I try to create a user with null password, it doesnt allow me.
Referring prpasswd man pages, it said " u_minlen ==> The number in this field specifies the minimum length of the user account password. If the field is zero, a dynamic value is calculated as defined in the Green Book."
Can some one guide me to the Green Book.
0 Kudos
4 REPLIES 4
Ann Majeske
Honored Contributor

тАО12-08-2006 05:00 AM

тАО12-08-2006 05:00 AM

Re: Enhanced security...

The "Green Book" is the (old) U.S. Government document describing the C2 level security requirements. It was published with a green cover. You might be able to find this on a U.S. Government site somewhere.

To allow null passwords, set the u_nullpw field.

Ann
0 Kudos
SR Rao
Advisor

тАО12-08-2006 05:56 AM

тАО12-08-2006 05:56 AM

Re: Enhanced security...

Thanks for the information. Meanwhile I have struck with one more issue.
The u_maxlen is set to 10 and u_minlen is set to 0. Now I understand that we cannot have a null password because of u_nullpw. But what is stopping me from setting the password to 1 or 2 letter length. Upon trying to change the password it prompts me to keep the password length from 9 to 80 characters!
0 Kudos
Ann Majeske
Honored Contributor

тАО12-08-2006 08:38 AM

тАО12-08-2006 08:38 AM

Re: Enhanced security...

There are different length fields for generated and user chosen passwords. Check out the definitions for u_minchosen and u_maxchosen.

Ann
0 Kudos
Mark Poeschl_2
Honored Contributor

тАО12-11-2006 06:27 AM

тАО12-11-2006 06:27 AM

Re: Enhanced security...

Since your u_minlen is still set to zero you are using the minimum length specified in the "Green Book" - whatever that is - it's almost certainly greater than 2. If you really want 1 or 2 character passwords you should set u_minlen to 1.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.