HPE Community
Operating System - HP-UX
1824976 Members
3732 Online
109678 Solutions
New Discussion юеВ

HP NIS client to Linux NIS server. Password problems.

 
Kenyon Hoggard
New Member

тАО06-25-2003 12:30 PM

тАО06-25-2003 12:30 PM

HP NIS client to Linux NIS server. Password problems.

I just switched from an HPUX NIS server to a Red Hat NIS server. The HPUX (10.20 & 11.0) clients don't seem to pass more than the 8 character passwords to the server for uthentication. Also, If I create a password on the Linux server (even if it is 8 or less characters) I can't login to the HP. Any ideas on getting around this?

Thanks
0 Kudos
Reply
6 REPLIES 6
Suresh Patoria
Super Advisor

тАО06-27-2003 01:30 AM

тАО06-27-2003 01:30 AM

Re: HP NIS client to Linux NIS server. Password problems.

Actually i don't know what u did the client configuration in HP-UX system

According to me u check the following things

1.) Have u propery did the client configuration just check the /etc/rc.connfig.d/namesvrs, do the needful changes for NIS client require

2.)then pls check the /etc/nsswitch.conf file for authentication and host resolution order
if it is file dns nis than pls change order to nis file dns

3.) start the /sbin/init.d/nis.client service

If still the problem occure than i would like know what configuration u did client side
0 Kudos
Reply
Caesar_3
Esteemed Contributor

тАО06-27-2003 01:36 AM

тАО06-27-2003 01:36 AM

Re: HP NIS client to Linux NIS server. Password problems.

Hello!

You probably use the shadow suite on your linux
so when you create the user his password saved in other file (not in /etc/passwd)
Over the NIS you have data from /etc/passwd
but password not! So when you give the password
it can check it.
Check if you use shadow passwords on linux,
in /etc/passwd file all the password field have "*" and not encripted password.

Caesar
0 Kudos
Reply
Brian Hackley
Honored Contributor

тАО06-30-2003 07:09 AM

тАО06-30-2003 07:09 AM

Re: HP NIS client to Linux NIS server. Password problems.

Hi,
HP-UX uses only the first 8 character in a password. You can type in longer passwords, but only the first 8 characters are used in an untrusted HP-UX system.

For example, the passwd command and login routines would see the following passwords as
"12345678" :
1234567890
12345678xx
12345678

Confirm this in the passwd(1)man page. Also, NIS is not supported on Trusted system on HP-UX.

Hope this helps,
-> Brian Hackley
Ask me about telecommuting!
0 Kudos
Reply
Suresh Patoria
Super Advisor

тАО07-02-2003 02:32 AM

тАО07-02-2003 02:32 AM

Re: HP NIS client to Linux NIS server. Password problems.

Hi,

I forgot to mention one point in above my message
After the changing pasorwd on the server you go in to the /var/yp direcotry and update the database through the ypmake command
0 Kudos
Reply
Kevin Wright
Honored Contributor

тАО07-02-2003 06:59 AM

тАО07-02-2003 06:59 AM

Re: HP NIS client to Linux NIS server. Password problems.

It has been my experience when using multiple OS's in a NIS environment, to use Redhat only as a client. Have a Sun or HP box as your server makes things alot easier. Also, what are you using for passwd encryption on linux, crypt?? check your pam.conf file to see.
0 Kudos
Reply
Kenyon Hoggard
New Member

тАО07-10-2003 06:40 AM

тАО07-10-2003 06:40 AM

Re: HP NIS client to Linux NIS server. Password problems.

Thanks for the responses. I should have given more information in my first message. NIS works and will authenticate users if I set the password from the HP and use 8 characters or less. I am using shadow passwords on the Linux NIS server, but have told NIS to merge the passwd and shadow files (I guess this kinda denys the point of shadowing passwords). I knew the limitation of the HPs from using the HP as the NIS server and the Linux machine as a client with a passwd > 8 chars. The Linux machine would not ignore past 8 chars so the password would not match. The HP would ignore past 8 chars and allow login.

I was hoping someone knew of a way around this limitation. Does anyone know which module causes this limitation (maybe dtlogin)? Might there be an upgrade for it? Would LDAP solve this problem, or is the method of authentication irrelevent? The only reason I moved to a Linux NIS server was to remove this limitation. My users find it difficult to remember passwords of exactly 8 chars.

Any suggestions are welcome. Thanks again for your responses.

Kenyon

P.S. Kevin,
I tried to find out which passwd encryption we are using, but am having trouble. I have the module that is called for session authentication, but I can't see how to tell which encryption is being used. For session auth it uses both pam_limits.so and pam_unix.so (both required). Thanks.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.