- Community Home
- >
- Servers and Operating Systems
- >
- Operating System - HP-UX
- >
- System Administration
- >
- System wide password Format on Trusted System 11.1...
-
-
Categories
- Topics
- Hybrid IT with Cloud
- Mobile & IoT
- IT for Data & Analytics
- Transformation
- Strategy and Technology
- Products
- Cloud
- Integrated Systems
- Networking
- Servers and Operating Systems
- Services
- Storage
- Company
- Events
- Partner Solutions and Certifications
- Welcome
- Welcome
- Announcements
- Tips and Tricks
- Feedback
-
Blogs
- Alliances
- Around the Storage Block
- Behind the scenes @ Labs
- Converged Data Center Infrastructure
- Digital Transformation
- Grounded in the Cloud
- HPE Careers
- HPE Storage Tech Insiders
- Infrastructure Insights
- Inspiring Progress
- Internet of Things (IoT)
- My Learning Certification
- Networking
- OEM Solutions
- Servers: The Right Compute
- Telecom IQ
- Transforming IT
-
Quick Links
- Community
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Contact
- Email us
- Tell us what you think
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Enterprise.nxt
- Marketplace
- Aruba Airheads Community
-
Categories
-
Forums
-
Blogs
-
InformationEnglish
System wide password Format on Trusted System 11.11?
SOLVED- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 06:01 AM
09-29-2009 06:01 AM
I see parameters in:
/tcb/files/auth/system/
default:
I want to know is there a way to define parameters, to set password format
and minimum length?
We would like to set a minimum password length and force the use of a alpha/numeric/character mix.
Can someone explain or suggest ways to enforce "minimum length" and "format requirements" (such as alpha/numeric/characters)
I see in SAM you can make the system
GENERATE
- Pronouncable
- Character
- Letters Only
- User Specifies
DO you procedurally use "User Specifies" and ask the User to use a mix ? Or is there a way when the user resets there password to require the specify a minimum format requirement?
And a minimum length?
Replies, links, ideas all appreciated.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 06:05 AM
09-29-2009 06:05 AM
Solutionhere is how mine looks:
[root@nomad:/root]
# ll /etc/default/security
-r--r--r-- 1 bin bin 2538 Oct 31 2007 /etc/default/security
[root@nomad:/root]
# grep -v ^# /etc/default/security | grep -v ^$
ABORT_LOGIN_ON_MISSING_HOMEDIR=1
MIN_PASSWORD_LENGTH=8
PASSWORD_HISTORY_DEPTH=8
PASSWORD_MIN_UPPER_CASE_CHARS=1
PASSWORD_MIN_LOWER_CASE_CHARS=1
PASSWORD_MIN_DIGIT_CHARS=1
PASSWORD_MAXDAYS=91
PASSWORD_MINDAYS=1
PASSWORD_WARNDAYS=7
SU_ROOT_GROUP=sysadm
UNIX because I majored in cryptology...
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 06:07 AM
09-29-2009 06:07 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
this is a trusted 11.11 system.. I do not have
the /etc/default/security file..
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 06:16 AM
09-29-2009 06:16 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
/tcb/files/auth/system/default
BTW ; The file in question is /etc/default/security does not exist by default. But if we create it, we can use a variable called
PASSWORD_HISTORY_DEPTH:3
In this case, a new password is checked against the last three passwords. If the new password is the same as a previous password, the user must choose a different one. Password histories are stored in files under the directory /tcb/files/auth/system/pwhist:
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 06:18 AM
09-29-2009 06:18 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
You might want to consider that Trusted Systems are deprecated with 11.31 and will not be supported in successive releases.
As Mel pointed out, the '/etc/default/security' file (and shadow passwords) are part of the basis for future security enhancements in HP-UX. You might want to consider beginning this transition.
For 11.11 the Shadow Password product can be obtained here:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ShadowPassword
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 06:54 AM
09-29-2009 06:54 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
(per JRF) it would require we install the "Shadow Password Depot"?
Does this Depot overlay the tcb/trusted system or do we need to unconvert the trusts?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 07:04 AM
09-29-2009 07:04 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 07:05 AM
09-29-2009 07:05 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 07:07 AM
09-29-2009 07:07 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
I will take a look at both.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 07:26 AM
09-29-2009 07:26 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 09:35 AM
09-29-2009 09:35 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
take prececent over user TCB files or is this
file subservient of tcb security?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 11:42 AM
09-29-2009 11:42 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
I have attached a sample security file. In my next post, I have attached a security definition script that will summarize all the settings in your current system.
Note that while Trusted is deprecated for the future, the replacement choices are not as capable. Unless you plan on moving to the next version past 11.31 (not out yet), I would stay with Trusted. Adding Shadow Passwords will be fairly confusing when you see all the limitations.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 11:44 AM
09-29-2009 11:44 AM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 12:30 PM
09-29-2009 12:30 PM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
I also recommend that you can read this post as addendum knowledge, I think it is very useful especially the future of Trusted Systems and their disadvantages:
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1371250
Regards.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
09-29-2009 12:36 PM
09-29-2009 12:36 PM
Re: System wide password Format on Trusted System 11.11?
Re: System wide password Format on Trusted System 11.11?
I appreciate the assistance ..
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2018 Hewlett Packard Enterprise Development LP