HPE Community
Operating System - HP-UX
1834639 Members
2603 Online
110069 Solutions
New Discussion

Re: Is my system trusted ?

 
SOLVED
Go to solution
marc seguin
Regular Advisor

‎12-20-2001 03:17 AM

‎12-20-2001 03:17 AM

Is my system trusted ?

I'm on charge of a new machine and I don't know if iti is a trusted system or not.
The /tcb/files/auth/* directories exist (are they deleted when untrusting a system ?)
But in the /etc/passwd file, encrypted passwd still exist. Shouldn't they be removed on a trusted system ?

So, how to know if the system is trusted ?

thanks.
0 Kudos
Reply
9 REPLIES 9
Alan Casey
Trusted Contributor

‎12-20-2001 03:19 AM

‎12-20-2001 03:19 AM

Re: Is my system trusted ?

If you can access the following:

SAM / Auditing and Security / System security Polocies.

Then you are dealing with a trusted system for definite!

0 Kudos
Reply
eran maor
Honored Contributor

‎12-20-2001 03:58 AM

‎12-20-2001 03:58 AM

Re: Is my system trusted ?

Hi

you can check it with SAM .

also you can cat the /etc/passwd - if your system have ****** in the passwd file that mean that your system is truted .

another way is to see if you have files in : /tcb/files/auth/

you can also see this answer :

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xc2ecd211e18ad5118ff10090279cd0f9,00.html
love computers
0 Kudos
Reply
Kurt Beyers.
Honored Contributor

‎12-20-2001 04:01 AM

‎12-20-2001 04:01 AM

Re: Is my system trusted ?

Have a look in the /etc/passwd file.

If all the passwords are a *, you are running in trusted mode (e.g for a ora817 user):
ora817:*:105:103:,,,:/home/ora817:/usr/bin/sh

If the password is some encrypted text, you're not running in trusted mode:
ora817:h7FZmrWC7Ou.I:105:103:,,,:/home/ora817:/usr/bin/sh

Kurt
0 Kudos
Reply
Craig Rants
Honored Contributor

‎12-20-2001 06:59 AM

‎12-20-2001 06:59 AM

Re: Is my system trusted ?

Use the command /usr/lbin/getprdef

System is not trusted will appear if such is true, otherwise you will get a little a much different output.

Look at the return codes if you want to script this.

GL,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎12-20-2001 07:06 AM

‎12-20-2001 07:06 AM

Re: Is my system trusted ?

Hi Marc,

If you login into a trusted system. After displaying the messages regarding checking disk quotas and copyright, it displays the time and terminal from where the last successfule and unsuccessful login was attempted. Or something like that. This message is not displayed on a untrusted system.

Hope this helps.

Regds
0 Kudos
Reply
marc seguin
Regular Advisor

‎12-20-2001 07:08 AM

‎12-20-2001 07:08 AM

Re: Is my system trusted ?

That's what I was saying, Eran and Kurt : I have the directory /tcb/files at the same time as encrypted passords in file /etc/passwd !
So who to believe ?

Using SAM, or the command getprdef, it seems it is a trusted system.
So why passords are still in /etc/passwd ?????????
0 Kudos
Reply
Craig Rants
Honored Contributor

‎12-20-2001 07:18 AM

‎12-20-2001 07:18 AM

Solution

Re: Is my system trusted ?

I don't have a good explanation on why there are passwords in /etc/passwd, but here is what I would do.

/usr/lbin/tsconvert ???r to unconvert from command line

/usr/lbin/tsconvert ???c to convert from command line

for i in `cat /etc/passwd | awk -F: '{print $1}'`
do
/usr/lbin/modprpw -V $i
done

What does /etc/passwd look like then.

MC,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
Reply
Helen French
Honored Contributor

‎12-20-2001 07:25 AM

‎12-20-2001 07:25 AM

Re: Is my system trusted ?

hey,

Normally, If any of the /etc/passwd users are also in the shadow password file at the time the pwconv was done, they are not converted.To convert the encrypted /etc/passwd user passwords, remove them from
shadow passwd prior to running pwconv.

HTH,
Shiju
Life is a promise, fulfill it!
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.