HPE Community
Operating System - HP-UX
1837111 Members
1962 Online
110112 Solutions
New Discussion

how to change the no of characters , numerical letters in trusted mode.

 
Mani K
Occasional Advisor

‎03-05-2006 08:24 PM

‎03-05-2006 08:24 PM

how to change the no of characters , numerical letters in trusted mode.

Hi gurus,

I need a help.
I have converted my system in to trusted mode.
I set the maximum length of password =12.

I also wanted to specify the no of characters and numericals , and special characters manually.
Moreover , can u tell me , what is the default combination available in trusted mode ?


thank u all ..

Mani
Never Say Can't.........................
0 Kudos
Reply
10 REPLIES 10
Peter Godron
Honored Contributor

‎03-05-2006 08:28 PM

‎03-05-2006 08:28 PM

Re: how to change the no of characters , numerical letters in trusted mode.

Mani,
can you have a look at the
/etc/default/security
file.

There should be things like:
PASSWORD_MIN_UPPER_CASE
etc.
0 Kudos
Reply
Mani K
Occasional Advisor

‎03-05-2006 09:15 PM

‎03-05-2006 09:15 PM

Re: how to change the no of characters , numerical letters in trusted mode.

thanks guru,
I just wanna know , does trusted system refer /etc/default/security ?

-Mani
Never Say Can't.........................
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎03-05-2006 10:39 PM

‎03-05-2006 10:39 PM

Re: how to change the no of characters , numerical letters in trusted mode.

Yes, a trusted system does respect /etc/default/security. See "man security".


Pete

Pete
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎03-06-2006 02:52 AM

‎03-06-2006 02:52 AM

Re: how to change the no of characters , numerical letters in trusted mode.

Hi Mani,

In the /etc/default/security file you can have such statements as:

PASSWORD_HISTORY_DEPTH=
PASSWORD_MIN_UPPER_CASE_CHARS=
PASSWORD_MIN_LOWER_CASE_CHARS=
PASSWORD_MIN_DIGIT_CHARS=
PASSWORD_MIN_SPECIAL_CHARS=

That define the values enforced by a trusted system.
These are almost mandatory now for SOX servers or you'll get dinged in a SOX audit.

You should also look at the /tcb/files/auth/system/default file because that's where you set PW values such as lifetime, minimum time between changes, max PW entry tries, PW max length & several more.


Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎03-06-2006 11:08 AM

‎03-06-2006 11:08 AM

Re: how to change the no of characters , numerical letters in trusted mode.

A Trusted system uses two files for rules on password creation as mentioned. Now the /etc/default/security does not exist on a new system. I have attached a sample security file with lots of comments. NOTE: the security files has dramatically changed over the last few years and working settings depends on security patches as well as the version of HP-UX. So the best rule is to download the security patch checker, add all the missing security patches and then check the man page for security to see what is enabled. A misspelled parameter name is silently ignored, so you'll have to test your settings.


Bill Hassell, sysadmin
0 Kudos
Reply
bhumireddy
New Member

‎03-06-2006 07:13 PM

‎03-06-2006 07:13 PM

Re: how to change the no of characters , numerical letters in trusted mode.

Hi , thanks for your replies,
see.. my /etc/default/security is like this

******************************************
ABORT_LOGIN_ON_MISSING_HOMEDIR=1
MIN_PASSWORD_LENGTH=8
PASSWORD_HISTORY_DEPTH=3
#PASSWORD_MIN_SPECIAL_CHARS=1
SU_ROOT_GROUP=root
UMASK=027
***************************


in /etc/default/security file i mentioned minimum length is 8 and , in /tcb/files/auth/system/default i mentioned the max length is 40.

But when i change the passwd from 8 characters to >8 , i could not login to the system. i don't know what other steps to be followed up. Pls help..


regards,
Mani
0 Kudos
Reply
Peter Godron
Honored Contributor

‎03-06-2006 08:42 PM

‎03-06-2006 08:42 PM

Re: how to change the no of characters , numerical letters in trusted mode.

Mani,
did you use SAM to convert your system?
Are you using SAM to maintain/change policies?
If you are not confident in what you are doing, I would recommend always using SAM.
It's easy to make a typing mistake whilst editing files.

For your current problem:
Are you running NIS? Have a look at your /etc/nsswitch.conf file, does it only refer to files, or do you have compat mentioned?
0 Kudos
Reply
Bharat Katkar
Honored Contributor

‎03-06-2006 09:01 PM

‎03-06-2006 09:01 PM

Re: how to change the no of characters , numerical letters in trusted mode.

See if the doc attached helps.
Regards,
You need to know a lot to actually know how little you know
0 Kudos
Reply
Bharat Katkar
Honored Contributor

‎03-06-2006 09:02 PM

‎03-06-2006 09:02 PM

Re: how to change the no of characters , numerical letters in trusted mode.

See if the doc attached helps.
Regards,
You need to know a lot to actually know how little you know
0 Kudos
Reply
bhumireddy
New Member

‎03-06-2006 10:07 PM

‎03-06-2006 10:07 PM

Re: how to change the no of characters , numerical letters in trusted mode.

Hi all,

I have converted it using SAM only.
Is there any recommended patch to be applied before convertion.


$ uname -a
HP-UX TTLDRSAS B.11.11 U 9000/800 4204107669 unlimited-user license

regards,
Mani

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.