- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: System wide password Format on Trusted System ...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 06:01 AM
тАО09-29-2009 06:01 AM
I see parameters in:
/tcb/files/auth/system/
default:
I want to know is there a way to define parameters, to set password format
and minimum length?
We would like to set a minimum password length and force the use of a alpha/numeric/character mix.
Can someone explain or suggest ways to enforce "minimum length" and "format requirements" (such as alpha/numeric/characters)
I see in SAM you can make the system
GENERATE
- Pronouncable
- Character
- Letters Only
- User Specifies
DO you procedurally use "User Specifies" and ask the User to use a mix ? Or is there a way when the user resets there password to require the specify a minimum format requirement?
And a minimum length?
Replies, links, ideas all appreciated.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 06:05 AM
тАО09-29-2009 06:05 AM
Solutionhere is how mine looks:
[root@nomad:/root]
# ll /etc/default/security
-r--r--r-- 1 bin bin 2538 Oct 31 2007 /etc/default/security
[root@nomad:/root]
# grep -v ^# /etc/default/security | grep -v ^$
ABORT_LOGIN_ON_MISSING_HOMEDIR=1
MIN_PASSWORD_LENGTH=8
PASSWORD_HISTORY_DEPTH=8
PASSWORD_MIN_UPPER_CASE_CHARS=1
PASSWORD_MIN_LOWER_CASE_CHARS=1
PASSWORD_MIN_DIGIT_CHARS=1
PASSWORD_MAXDAYS=91
PASSWORD_MINDAYS=1
PASSWORD_WARNDAYS=7
SU_ROOT_GROUP=sysadm
UNIX because I majored in cryptology...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 06:07 AM
тАО09-29-2009 06:07 AM
Re: System wide password Format on Trusted System 11.11?
this is a trusted 11.11 system.. I do not have
the /etc/default/security file..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 06:16 AM
тАО09-29-2009 06:16 AM
Re: System wide password Format on Trusted System 11.11?
/tcb/files/auth/system/default
BTW ; The file in question is /etc/default/security does not exist by default. But if we create it, we can use a variable called
PASSWORD_HISTORY_DEPTH:3
In this case, a new password is checked against the last three passwords. If the new password is the same as a previous password, the user must choose a different one. Password histories are stored in files under the directory /tcb/files/auth/system/pwhist:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 06:18 AM
тАО09-29-2009 06:18 AM
Re: System wide password Format on Trusted System 11.11?
You might want to consider that Trusted Systems are deprecated with 11.31 and will not be supported in successive releases.
As Mel pointed out, the '/etc/default/security' file (and shadow passwords) are part of the basis for future security enhancements in HP-UX. You might want to consider beginning this transition.
For 11.11 the Shadow Password product can be obtained here:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ShadowPassword
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 06:54 AM
тАО09-29-2009 06:54 AM
Re: System wide password Format on Trusted System 11.11?
(per JRF) it would require we install the "Shadow Password Depot"?
Does this Depot overlay the tcb/trusted system or do we need to unconvert the trusts?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 07:04 AM
тАО09-29-2009 07:04 AM
Re: System wide password Format on Trusted System 11.11?
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 07:05 AM
тАО09-29-2009 07:05 AM
Re: System wide password Format on Trusted System 11.11?
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 07:07 AM
тАО09-29-2009 07:07 AM
Re: System wide password Format on Trusted System 11.11?
I will take a look at both.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-29-2009 07:26 AM
тАО09-29-2009 07:26 AM