HPE Community
Operating System - HP-UX
1752691 Members
5490 Online
108789 Solutions
New Discussion юеВ

Re: how to view password setting for a trusted system?

 
SOLVED
Go to solution
PamelaJThrasher
Regular Advisor

тАО06-22-2009 05:05 AM

тАО06-22-2009 05:05 AM

how to view password setting for a trusted system?

I recently made changes to the system-wide settings for some of my trusted servers using the modprdef command. I changed:
- null passwords not allowed
- minimum time interval between password changes
- password life time interval
- password expiration time interval
- password expiration warning time interval
- maximum number of unsuccessful logins
- maximum time between last loging and current login

I made these changes in response to an audit of our servers. The auditors are now asking for proof that these changes have been made.

Is there a command that will list the system wide settings for a trusted server?

Thanks.
Pam
0 Kudos
9 REPLIES 9
AL_3001
Regular Advisor

тАО06-22-2009 05:09 AM

тАО06-22-2009 05:09 AM

Solution

Re: how to view password setting for a trusted system?

Hi Pam,

You can check the default file in:

/tcb/files/auth/system

Cheers,
AL
0 Kudos
Sunny123_1
Esteemed Contributor

тАО06-22-2009 05:13 AM

тАО06-22-2009 05:13 AM

Re: how to view password setting for a trusted system?

Hi

You can view this in /etc/default/security file.


Regards
Sunny
0 Kudos
Richard Hepworth
Esteemed Contributor

тАО06-22-2009 06:04 AM

тАО06-22-2009 06:04 AM

Re: how to view password setting for a trusted system?

Hi Pam,

You can check each one as follows:

- null passwords not allowed:
/usr/lbin/getprdef -m nullpw

- minimum time interval between password changes:
/usr/lbin/getprdef -m mintm

- password lifetime interval:
/usr/lbin/getprdef -m lftm

- password expiration time interval:
/usr/lbin/getprdef -m exptm

- password expiration warning time interval:
/usr/lbin/getprdef -m expwarn

- maximum number of unsuccessful logins:
/usr/lbin/getprdef -m umaxlntr

- maximum time between last loging and current login:
Not sure about this one!

regards,

Richard

0 Kudos
Vivek Bhatia
Trusted Contributor

тАО06-22-2009 09:06 AM

тАО06-22-2009 09:06 AM

Re: how to view password setting for a trusted system?

Hi Pamela,

yes,

Run "/usr/lbin/getprpw username" and you will see all the changes you have set as a default on this server.

Regards
Vivek
0 Kudos
ManojK_1
Valued Contributor

тАО06-22-2009 11:32 PM

тАО06-22-2009 11:32 PM

Re: how to view password setting for a trusted system?

What vivek is mentioned (/usr/lbin/getprpw ) is the best way to find the system wide settings for user in a trusted systems.

#man getprpw

above command will give you more details and the meaning of the output /usr/lbin/getprpw .

Thanks and Regards,
Manoj K
Thanks and Regards,
Manoj K
0 Kudos
Sivakumar MJ._1
Respected Contributor

тАО06-23-2009 12:38 AM

тАО06-23-2009 12:38 AM

Re: how to view password setting for a trusted system?

In Support off AL300, please check the link

http://docs.hp.com/en/B9106-90011/default.4.html
0 Kudos
Suraj K Sankari
Honored Contributor

тАО06-23-2009 12:44 AM

тАО06-23-2009 12:44 AM

Re: how to view password setting for a trusted system?

Hi,
getprpw is the command or else you can ask the auditor to login into the system and do all this means set
- null passwords
- minimum time interval between password changes
- password life time interval
- password expiration time interval
- password expiration warning time interval
- maximum number of unsuccessful logins
- maximum time between last loging and current login

if he will fail then you did the changes.

suraj
0 Kudos
Sajjad Sahir
Honored Contributor

тАО06-23-2009 02:00 AM

тАО06-23-2009 02:00 AM

Re: how to view password setting for a trusted system?


Dear Friend

getprpw is the command to displays the user's protected password database settings.


thanks and regards

Sajjad Sahir
0 Kudos
PamelaJThrasher
Regular Advisor

тАО06-23-2009 03:38 AM

тАО06-23-2009 03:38 AM

Re: how to view password setting for a trusted system?

.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.