HPE Community
Operating System - HP-UX
1834208 Members
2459 Online
110066 Solutions
New Discussion

Re: password aging

 
Cifs 9000
Advisor

‎06-29-2007 06:38 AM

‎06-29-2007 06:38 AM

password aging

system hp 11.0

we are using non - trusted system
we are using kerberos and pam.

but i want password aging how can i use it

# passwd -r files -f -x 70 -n 7 testuser
I tried this after I go this message

HP-UX xyz.abcd.com B.11.11 U 9000/800 (tb)

login: testuser
Password:
Your password has expired. Choose a new one
Changing password for testuser
Sorry.
login:



0 Kudos
Reply
5 REPLIES 5
Court Campbell
Honored Contributor

‎06-29-2007 06:44 AM

‎06-29-2007 06:44 AM

Re: password aging

> HP-UX xyz.abcd.com B.11.11 U 9000/800 (tb)

sure you are not 11.11?

you can install shadow passwords to get this functionality.

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ShadowPassword
"The difference between me and you? I will read the man page." and "Respect the hat." and "You could just do a search on ITRC, you don't need to start a thread on a topic that's been answered 100 times already." Oh, and "What. no points???"
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎06-29-2007 08:13 AM

‎06-29-2007 08:13 AM

Re: password aging

You don't have to be a trusted or shadowed system for password aging and minimum time between password changes to work. In fact, this functionality has been in UNIX since the dawn of time even with NIS. No other form of password expiration is possible with the vanilla passwd file. You should note that although you specify the values in days the actual resolution is weeks because of how the data are encoded. The weeks actually end on Thurdays because 1-Jan-1970 fell on a Thursday.
If it ain't broke, I can fix that.
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎06-29-2007 03:20 PM

‎06-29-2007 03:20 PM

Re: password aging

>Clay: The weeks actually end on Thurdays

That's only if you are near GMT. In the US, it ends on Wed.
0 Kudos
Reply
Cifs 9000
Advisor

‎07-02-2007 01:29 AM

‎07-02-2007 01:29 AM

Re: password aging

In Hp-ux 11.0 , I don't think we can install shadow password if yes please let me know.

2. we r not using trusted system how to password aging or with any script can be force user to change password within 90 days.

3. I could not understand about 1970, thrusday thing. Could u please explain me.
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎07-02-2007 01:40 AM

‎07-02-2007 01:40 AM

Re: password aging

The password aging is encoded in the 4 chars that are after the "," in the password field in passwd(4).

The granularity is in terms of weeks since the start of the Epoch, which was Thursday, Jan 1, 1970 as Clay mentioned

See:
http://docs.hp.com/en/B2355-60130/passwd.4.html
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.