
hpux -is

 
Steven Schweda
Honored Contributor

Re: hpux -is

> >> The only way back into the machine is
> to re-install the OS.
>
> hmmm [...]

Yeah. In my experience, almost any statement
which begins "The only way" is probably
wrong. This one seems to follow the pattern.
Ismail Azad
Esteemed Contributor

Re: hpux -is

Hi,

Regarding your original question, authentication at single user mode is one of the features of the trusted system and, as gracefully mentioned, the problem lies exactly in getting access to the system console.

If you carefully look at the SMSE database, you will notice a BOOT_AUTH flag which describes exactly what you are saying. I have personally not used this flag, but it is definitely documented in /etc/security.dsc on an 11.31 operating system.

Regards
Ismail Azad
Read, read and read... Then read again until you read "between the lines".....
chris huys_4
Honored Contributor

Re: hpux -is

Hi John,

Your management sees the security issue too narrowly.

There are 2 ways to access an HP-UX system: via the GSP (PA-RISC)/MP (Itanium) over the LAN, and that is protected by passwords.

And via physical access to the console of a system, and that is, in most companies, restricted by only giving access to the datacenter where the system resides to the ones whose business it is to maintain these systems.

So also "going into single user mode" is "protected" in one way or another "by security".

Besides, I would not call the EFI prompt the "subject line". ;)

Greetz,
Chris
Viktor Balogh
Honored Contributor

Re: hpux -is

> Besides, I would not call the EFI prompt the "subject line". ;)

He meant the "hpux -is" command, it's the subject of this topic. :)
****
Unix operates with beer.
Rick Christmas
Regular Visitor

Re: hpux -is


@Steven Schweda wrote:
> [...] The only way back into the machine is
> to re-install the OS.

Really? There's no way to boot from, say, an
OS installation disc and make the repair?

Hasn't Solaris been requiring a password to
boot into single-user mode since SunOS 5.0?
(I seem to recall being amazed at the change
back when 4.1.4 was still the norm.)

Does anyone know the procedure for using the OS disk to gain access and reset the root password? I am locked out of 7 machines running HPUX 11.11i. The root password has expired (as did the sys admin) and since everyone has tried what they thought was surely the right password, on all but one of the boxes the account is also locked. I tried to telnet to the MP port and tried serial thru com1; both failed. They are all b2600 workstations. I'm really dreading having to rebuild them all just because of the password.

Thanks in advance for any help.
R Xmas
Steven E. Protter
Exalted Contributor

Re: hpux -is

Shalom,

A console login will permit a login and therefore let you reset the password.

You don't need to rebuild them.

You don't have to rebuild them. You can hook up a serial console, log in with the old root password and then change the root password.

b2600 is a workstation, so you should be able to hang a keyboard and monitor off them and THAT will be the console.

If you don't know the root password, then you need to power cycle.

At the first prompt, interrupt at the keyboard.

bo pri
Y <enter> interact with the prompt.

hpux -is

If that is password protected, you do need to boot off OS media. Then you can null out the root password, probably in the /etc/passwd file, and then reboot the system and quickly put in a password.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Hakki Aydin Ucar
Honored Contributor

Re: hpux -is

I believe root password recovery is possible (I was forced to do it sometimes), like Duncan and Steven described here.

Solaris needs the OS DVD, but HP-UX does not need it.

Besides, you just need a serial OR remote console.

But, I think, this is good for an administrator, not for management, so management needs an administrator to do work like this.