Operating System - HP-UX
1748169 Members
3956 Online
108758 Solutions
New Discussion юеВ

understanding /etc/passwd.

 
SOLVED
Go to solution
senthil_kumar_1
Super Advisor

understanding /etc/passwd.

Hi All

It is my /etc/passwd

what is the purpose of second filed. I think it is password field.

some line contains * and some other line contains some characters.

what is the difference?

1)
cmurphy:*:200:21:C.C.Murphy,US HQ,6588,:/home/murphy:/bin/ksh
2)klabunde:*:252:28:M.C.Klabunde,,,:/home/klabunde:/bin/ksh
3)pwrchute:zf67.sLB9vFPE:257:10:PowerChutePlus,,,:/home/pwrchute:/bin/ksh
4)
weber:*:277:32:D.M.Weber,eds,,:/home/weber:/bin/ksh
5)
mckeen:xQUDOfLwcnNB6:338:36:C.A.McKeen,EMD LMC,,:/home/ccm/home/mckeen:/bin/ksh
6)
ktieman:4Py4ttQiGGxo.:365:36:Ken Tieman,EMD LMC,,:/home/ktieman:/bin/ksh
7)
dandawat:xVUyMpkuSeWUY:399:21:Y Dandawate,,,:/home/pz2tl1:/bin/ksh
28 REPLIES 28
Javed Khan_1
Valued Contributor

Re: understanding /etc/passwd.

Hi,

for above case * means account is locked

Javed
Never Give Up
Ivan Krastev
Honored Contributor

Re: understanding /etc/passwd.

The second field is crypted password. See more here - http://docs.hp.com/en/B3921-90010/passwd.4.html

regards,
ivan
Viney Kumar
Regular Advisor

Re: understanding /etc/passwd.

Hi

After go through your /etc/passwd file, i think your system is non-trusted system

In non trusted, its means account is locked or you are not assign any passwd for a user



Ashish Parashar
Frequent Advisor

Re: understanding /etc/passwd.

Hi

Well the second field in the passwd file is for passowrd strings '

You might aware that ,we can have two type of system trusted and nontrusted ...in trusted system the password field conatains * and the actual password string present under /tcb/files/auth directory ..

In non trusted system the string present in password field is actual password of user.

Regards

Ashish
Avinash20
Honored Contributor

Re: understanding /etc/passwd.

The second filed in the /etc/password is for Password of the user.

If it is * it is usually encrypted.

I could find some of the users are having the password "ktieman:4Py4ttQiGGxo <== while some of the users are having "cmurphy:* <<==

I believe you have trusted the server and after that you have untrusted.

When to turn the server into trusted(tsconvert), the password will be encrypted(*) and will be stored in /tcb directory

If you change the again change the system to untrusted, the password field will show as * unless you again change the password.
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Avinash20
Honored Contributor

Re: understanding /etc/passwd.

Please refer to

http://docs.hp.com/en/B3921-60631/passwd.4.html

Look at the "Password Field"
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
senthil_kumar_1
Super Advisor

Re: understanding /etc/passwd.

I went thru some documents. I found following things.

There are four types of systems available depending password.

1)non-shadowed standard system:

On a non-shadowed standard system, all password fields contain the actual encrypted password in /etc/passwd.

2)shadowed standard system:

all password fields contain an `*' in /etc/passwd, while the actual encrypted passwords reside in /etc/shadow.

3)non trusted system:

On a non trusted system, all password fields contain the actual encrypted password in /etc/passwd.

4)trusted system:

On a trusted system, all password fields contain a `*' in /etc/passwd and the actual encrypted passwords reside in the Protected Password Database
"/tcb/files/auth "


NOTE: A system that has been converted to a trusted system has no /etc/shadow file

Here I have two questions:

1)How to convert HP-UX as trusted system?
2)How to create encrypted password.?




Avinash20
Honored Contributor

Re: understanding /etc/passwd.

Good question:

1)How to convert HP-UX as trusted system?

## You could convert the system to trusted via

# /usr/lbin/tsconvert

2)How to create encrypted password.?

There are two ways.

Shadow password (pwconv)

or

Convert to Trusted.
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Avinash20
Honored Contributor

Re: understanding /etc/passwd.

I would advice you to go via
http://docs.hp.com/en/B2355-90121/

Also instead of tsconvert, it better you go via sam and convert it,.

SAM-> Auditing and security ->system security policies

This will ask for the system to get it trusted !!
"Light travels faster than sound. That's why some people appear bright until you hear them speak."