HPE Community
Operating System - HP-UX
1833832 Members
1985 Online
110063 Solutions
New Discussion

disabeling null or <enter> passwords

 
Unixbeheer2
Occasional Contributor

‎07-07-2003 12:38 AM

‎07-07-2003 12:38 AM

disabeling null or <enter> passwords

Dear All,

Is there a way to disable null,blank or passwords on a NON trusted system ?
Or is there a way to detect such passwords so that login account can be disabled ?

Thanks in advance,

Klaas Eenkhoorn
0 Kudos
Reply
4 REPLIES 4
Michael Tully
Honored Contributor

‎07-07-2003 12:55 AM

‎07-07-2003 12:55 AM

Re: disabeling null or <enter> passwords

Without the use of a trusted system, you cannot detect these values, unless you used a tool such as tiger or crack. The trusted system will only allow a certain criteria that you can assist in setting. You can still disable accounts by using the 'passwd -l' command.
Anyone for a Mutiny ?
0 Kudos
Reply
Darren Prior
Honored Contributor

‎07-07-2003 01:28 AM

‎07-07-2003 01:28 AM

Re: disabeling null or <enter> passwords

Hi Klaas,

I believe (on an untrusted 11 system) that you can't stop root from assigning null passwords to any user, but any non-root user has to abide by the restrictions listed in the passwd(1) man page - which includes a minimum length of 6 chars for a password. passwd returns a "password too short - must be at least 6 characters" error if a non-root user attempts to set a null password.

regards,

Darren.
Calm down. It's only ones and zeros...
0 Kudos
Reply
Michael Kelly_5
Valued Contributor

‎07-07-2003 03:55 AM

‎07-07-2003 03:55 AM

Re: disabeling null or <enter> passwords

Klaas,
detecting (and disabling) user accounts with a null/blank password is easy.

Try this:
for uacct in `awk -F: '$2 == "" {print $1}' /etc/passwd`; do
passwd -l $uacct
done

HTH,
Michael.
The nice thing about computers is that they do exactly what you tell them. The problem with computers is that they do EXACTLY what you tell them.
0 Kudos
Reply
Steven Sim Kok Leong
Honored Contributor

‎07-11-2003 06:58 PM

‎07-11-2003 06:58 PM

Re: disabeling null or <enter> passwords

Hi,

The unorthodox method would be to use a wrapper script for the passwd command. The wrapper script does the bounds check before calling the passwd command.

Hope this helps. Regards.

Steven Sim Kok Leong
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.