HPE Community
Operating System - HP-UX
1834769 Members
2884 Online
110070 Solutions
New Discussion

Re: Keeping loginoid as password

 
Shibu_2
Occasional Advisor

‎10-29-2003 05:01 PM

‎10-29-2003 05:01 PM

Keeping loginoid as password

Hello all


Any one please help in keeping the exact loginoid as password in Hp 11.0 Trusted System.
This is required for application purpose.


regds
Shibu
Engineer
0 Kudos
Reply
4 REPLIES 4
Elmar P. Kolkman
Honored Contributor

‎10-29-2003 05:25 PM

‎10-29-2003 05:25 PM

Re: Keeping loginoid as password

As I understand, you want the loginname and password being kept the same for some users. Not really secure, but I think it can be done. If you use SAM and modify the user account you can select an option in the password options item: 'Allow only super-user to change password'. This should do the trick.

But I'm not really sure if this option is available on a trusted system, since I don't have any in my network. It should work according the manual page, but I can't try for myself.
Every problem has at least one solution. Only some solutions are harder to find.
0 Kudos
Reply
Hoefnix
Honored Contributor

‎10-29-2003 05:30 PM

‎10-29-2003 05:30 PM

Re: Keeping loginoid as password

If you mean you want to have user-account with a password thats the same as the login-id?

This is normally not allowed in a Trusted system, but i think you can overrull this by using the tool cryptpw.

cryptpw login-id will give an encrypted string.
This string you can type in the shadow password file of the specific user.

I do not have a trusted system but the shadow password files are somewhere in /tcb/...

Hope this works.
0 Kudos
Reply
Alan Turner
Regular Advisor

‎10-29-2003 08:32 PM

‎10-29-2003 08:32 PM

Re: Keeping loginoid as password

As root, you should be able to set the password for a user, e.g. "appuser":

passwd appuser

(when the prog asks for the password options, enter 'p', to pick a password, then you can enter a password of your choice). I don't know if the password validation routine will reject a password the same as the user name, or lacking digits etc. If so, you could try using SAM to change the password validation rules. Another option would be to try getting an encrypted password on an un-trusted system, then editing the trusted machine's password file (/tcb/files/auth/a/appuser, for the example).
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎10-29-2003 11:00 PM

‎10-29-2003 11:00 PM

Re: Keeping loginoid as password

Hi Shibu,

I would have a talk with this App vendor or developer. They're asking to break one of the first rules of security. One *never* wants a username & PW to match. Why? Because all a maliscious user or hacker would need is access to the system to login & stop or corrupt the application. If they discover that user name, they can effectively control or destroy that application.
So even if you could do this, I wouldn't.

My 2 cents,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.