HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Maximum Password Length & /etc/default/security fi...
Operating System - HP-UX
1836473
Members
2004
Online
110101
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-13-2002 12:34 AM
06-13-2002 12:34 AM
Maximum Password Length & /etc/default/security file
Hi All,
I wondered if anyone could provide me with some assistance. I have a HP-UX 11.0 workstation which has trusted mode enabled and the maximum password length is set to 8 characters. The system security policies are set such that system generated pronoucable & system generated random letter passwords are used.
When I create a user account using same the system generated password is 8 characters in length however when the user changes there password at first log in or if the administrator changes it the password length is 10 characters. All characters in the 10 character password are expected when the user logs in.
Is this expected action or a problem?
Whilst looking at the hp document website I came across details of the /etc/default/security file which has an option in it to set the minimum password length. Searching the workstation, I am unable to find this file. Can anyone tell me if is generated when first loading HP-UX or is it something that needs to be added manually?
Thanks in advance.
Kir
I wondered if anyone could provide me with some assistance. I have a HP-UX 11.0 workstation which has trusted mode enabled and the maximum password length is set to 8 characters. The system security policies are set such that system generated pronoucable & system generated random letter passwords are used.
When I create a user account using same the system generated password is 8 characters in length however when the user changes there password at first log in or if the administrator changes it the password length is 10 characters. All characters in the 10 character password are expected when the user logs in.
Is this expected action or a problem?
Whilst looking at the hp document website I came across details of the /etc/default/security file which has an option in it to set the minimum password length. Searching the workstation, I am unable to find this file. Can anyone tell me if is generated when first loading HP-UX or is it something that needs to be added manually?
Thanks in advance.
Kir
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-13-2002 01:42 AM
06-13-2002 01:42 AM
Re: Maximum Password Length & /etc/default/security file
Hi Kir,
I don't have this file in my systems, so this is a file that you must create.
This is from the passwd man page:
Password History
On systems with PAM patch PHCO_13808 or later the system administrator
can enable the password history feature to discourage users from
reusing previously used passwords. To enable the password history
feature, the system administrator should create a file (or open the
file if it already exists) named security under directory /etc/default
and append to it one line content PASSWORD_HISTORY_DEPTH=number. The
line contains three keywords, PASSWORD_HISTORY_DEPTH, =, and a decimal
number which is the desired depth for the password history check. If
the number is 2, the user's new password will be checked against two
previously used passwords. One is the current password, and the other
one is the password used before the current password. A configuration
of password history depth of 2 prevents users from alternating between
two passwords. The maximum password history depth supported is 10 and
the minimum password history depth supported is 1. A depth
configuration of more than 10 will be treated as 10, and a depth
configuration of less than 1 will be treated as 1.
The password history depth configuration is on a system basis and is
supported in trusted system for users in files repository only. This
feature does not support the users in NIS or NISPLUS repositories.
Once the feature is enabled, all the users on the system are subject
to the same check. If the password history configuration file
/etc/default/security does not exist, or if the file exists but the
required line is missing, or if the line exists but any of the three
required keywords is missing, the password history check feature is
automatically disabled. When the feature is disabled, the password
history check depth is set to 1 and a password change is subject to
all of the other rules for a new password including a check with the
current password.
Regards,
Justo.
I don't have this file in my systems, so this is a file that you must create.
This is from the passwd man page:
Password History
On systems with PAM patch PHCO_13808 or later the system administrator
can enable the password history feature to discourage users from
reusing previously used passwords. To enable the password history
feature, the system administrator should create a file (or open the
file if it already exists) named security under directory /etc/default
and append to it one line content PASSWORD_HISTORY_DEPTH=number. The
line contains three keywords, PASSWORD_HISTORY_DEPTH, =, and a decimal
number which is the desired depth for the password history check. If
the number is 2, the user's new password will be checked against two
previously used passwords. One is the current password, and the other
one is the password used before the current password. A configuration
of password history depth of 2 prevents users from alternating between
two passwords. The maximum password history depth supported is 10 and
the minimum password history depth supported is 1. A depth
configuration of more than 10 will be treated as 10, and a depth
configuration of less than 1 will be treated as 1.
The password history depth configuration is on a system basis and is
supported in trusted system for users in files repository only. This
feature does not support the users in NIS or NISPLUS repositories.
Once the feature is enabled, all the users on the system are subject
to the same check. If the password history configuration file
/etc/default/security does not exist, or if the file exists but the
required line is missing, or if the line exists but any of the three
required keywords is missing, the password history check feature is
automatically disabled. When the feature is disabled, the password
history check depth is set to 1 and a password change is subject to
all of the other rules for a new password including a check with the
current password.
Regards,
Justo.
Help is a Beatiful word
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-14-2002 07:39 AM
06-14-2002 07:39 AM
Re: Maximum Password Length & /etc/default/security file
Note that the /etc/default/security file was introduced after the original release of HP-UX 11.00. The number of options settable in this file is growing, but not all of them will work in the older releases like 11.00.
On HP-UX 11.11 and later, there is a security(4) manual page that describes what settings are supported in any given release. For HP-UX 11.00, or for features added in patches, you will generally have to look at the documentation for the relevant patches to find information on which /etc/default/security options are supported. (Of course, these will
be documented in the man page in subsequent
releases.)
A template for /etc/default/security is not shipped in HP-UX 11.11 or earlier. In subsequent releases a commented template will be shipped.
On HP-UX 11.11 and later, there is a security(4) manual page that describes what settings are supported in any given release. For HP-UX 11.00, or for features added in patches, you will generally have to look at the documentation for the relevant patches to find information on which /etc/default/security options are supported. (Of course, these will
be documented in the man page in subsequent
releases.)
A template for /etc/default/security is not shipped in HP-UX 11.11 or earlier. In subsequent releases a commented template will be shipped.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-19-2002 05:35 AM
06-19-2002 05:35 AM
Re: Maximum Password Length & /etc/default/security file
Hi,
Firstly my apologies for not replying sooner. Thanks for the replies, they provide useful information.
Regards
Kirk
Firstly my apologies for not replying sooner. Thanks for the replies, they provide useful information.
Regards
Kirk
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP