HPE Community
Operating System - HP-UX
1820262 Members
2871 Online
109622 Solutions
New Discussion юеВ

/etc/shadow ?

 
SOLVED
Go to solution
Gavin Clarke
Trusted Contributor

тАО08-06-2003 12:41 AM

тАО08-06-2003 12:41 AM

/etc/shadow ?

I've been asked to supply a shadow file for an audit. We're running a trusted system on 10.20 (decided to run on this until changing systems entirely).

My understanding is that all the passwords live in /tcb/files...
Is there a shadow file as well?

PS: Which is better?

Thanks hugely for all comments, suggestions and advice.
0 Kudos
Reply
7 REPLIES 7
U.SivaKumar_2
Honored Contributor

тАО08-06-2003 01:00 AM

тАО08-06-2003 01:00 AM

Solution

Re: /etc/shadow ?

Hi,

If it is a trusted system then /etc/shadow file is not used. Instead the files for users under /tcb/files/auth/ directory.

Give those files for analysis.

regards,

U.SivaKumar
Innovations are made when conventions are broken
Reply
Zigor Buruaga
Esteemed Contributor

тАО08-06-2003 01:02 AM

тАО08-06-2003 01:02 AM

Re: /etc/shadow ?

Hi,

You are correct, trusted system lives in /tcb, and there is no shadow file.

Maybe this helps ...

http://www.ussg.iu.edu/usail/tasks/security/hp/hp.html

And about Shadow check this ...

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=ShadowPassword

I think you can supply the trusted system for an audit ( /etc/passwd with no encrypted passwd ... )
Hope this helps.

Regards,
Zigor
Reply
Tim Adamson_1
Honored Contributor

тАО08-06-2003 01:06 AM

тАО08-06-2003 01:06 AM

Re: /etc/shadow ?

Hi,

HP-UX doesn't use an /etc/shadow file. You are right in saying that the /tcb hierarchy contains the required information.


Hope this helps.

Yesterday is history, tomorrow is a mystery, today is a gift. That's why it's called the present.
Reply
Gavin Clarke
Trusted Contributor

тАО08-06-2003 01:13 AM

тАО08-06-2003 01:13 AM

Re: /etc/shadow ?

Great stuff, Thankyou all so much for confirming my suspicions.

Tim, I read in a post that you can get a shadow password file on 11i, which is why I asked which is better. Thanks very much for your reply, it has helped me alot.
0 Kudos
Reply
Gavin Clarke
Trusted Contributor

тАО08-06-2003 01:16 AM

тАО08-06-2003 01:16 AM

Re: /etc/shadow ?

Congratulations on your graduation too!
0 Kudos
Reply
Tim Adamson_1
Honored Contributor

тАО08-06-2003 01:30 AM

тАО08-06-2003 01:30 AM

Re: /etc/shadow ?

Hi,

In HP-UX 11iv1.6 they introduce a new Shadow Password feature so that post is correct.

Check the 11iv1.6 release notes at www.docs.hp.com.

I have no idea if it will be supported after that vrsion of HP-UX.

I hope that clarifies things. Probably makes it muddier :p


Cheers
Yesterday is history, tomorrow is a mystery, today is a gift. That's why it's called the present.
Reply
Gavin Clarke
Trusted Contributor

тАО08-06-2003 01:46 AM

тАО08-06-2003 01:46 AM

Re: /etc/shadow ?

Just being picky really.

I suppose I could pursue the shadow vs. trusted question, however since we're not running that version yet, well I might just find a cup of tea and create some user accounts that have been awaiting my attention instead. Funny how the little important things get brushed aside when there's an audit going on.

Thanks again for your help.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.