HPE Community
Operating System - HP-UX
1830214 Members
1312 Online
109999 Solutions
New Discussion

How Entrusted Database File system works

 
Juan Jose Navarro
New Member

‎03-15-2007 09:29 PM

‎03-15-2007 09:29 PM

How Entrusted Database File system works

Hello friends
I want to know how the /tcb/files/ are encrypted and hide away. It is working with file permissions? How encrypt this password? I understand that the passwd is ecnrypted with DESC (salt) in the /etc/passwd and after moved to the database
Could you help me?
0 Kudos
Reply
2 REPLIES 2
Steven E. Protter
Exalted Contributor

‎03-15-2007 10:03 PM

‎03-15-2007 10:03 PM

Re: How Entrusted Database File system works

Shalom Juan,

All of the above.

File permissions are as tight as possible to permit login and MD5 encryption is used.

It is nearly impossible to crack a password once forgotten. Perhaps the crack utility can do it.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Peter Godron
Honored Contributor

‎03-15-2007 10:07 PM

‎03-15-2007 10:07 PM

Re: How Entrusted Database File system works

Hi Juan,
and welcome to the forums !

When you convert to a Trusted System, the conversion program:

Creates a new, protected password database in /tcb/files/auth/.

Moves encrypted passwords from the /etc/passwd file to the protected password database and replaces the password field in /etc/passwd with an asterisk (*).

Forces all users to use passwords.

Creates an audit ID number for each user.

Turns on the audit flag for all existing users.

Converts the at, batch and crontab input files to use the submitterâ s audit ID.

Starting with HP-UX 11.0, changes the default value for umask to 077 (-rw-------, drwx------); see umask(1).

For the encryption question:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=958485

Please also read:
http://forums1.itrc.hp.com/service/forums/helptips.do?#33 on how to reward any useful answers given to your questions.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.