HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

understanding /etc/passwd - PART 2

 
SOLVED
Go to solution
john guardian
Super Advisor

understanding /etc/passwd - PART 2

I was reading thru the thread "understanding /etc/passwd". One response from JR Ferguson references Chapter 8 of a document. I haven't "played" with this feature of 11.31 yet, though I am aware that Trusted Systems has been deprecated. The question is: from what I've read, it ALMOST looks like the new passwd file (with shadow) requires the use of NIS? Is this true? Or can you use the "new-and-improved" password security method without involving NIS?
4 REPLIES
Patrick Wallek
Honored Contributor
Solution

Re: understanding /etc/passwd - PART 2

Use of NIS should not be required. Using NIS would undo what you gain by using shadowed passwords.

NIS is an inherently **unsecure** protocol.

Mel Burslan
Honored Contributor

Re: understanding /etc/passwd - PART 2

I believe you have misunderstood what you read about shadow password file and NIS relationship. NIS is being kept for not much more than legacy purposes on UNIX platform as far as I know. It is alarmingly insecure way of user authentication. If you are not using it as a requirement from an old application, do not touch it with a 10 foot pole.
________________________________
UNIX because I majored in cryptology...
Patrick Wallek
Honored Contributor

Re: understanding /etc/passwd - PART 2

If you go back and reread the first page of Chapter 8 it says:

HP-UX Shadow Passwords are not supported by:

*Network Information Service (NIS).
*Network information Server Plus (NIS+).

Can you point to what you read that **ALMOST** led you to believe NIS was required?
john guardian
Super Advisor

Re: understanding /etc/passwd - PART 2

Thanks guys.

Couldn't find where I read about the NIS ref, but if I do I will update. I thought it was a dumb approach to do so... that's why I inquired.