HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: password history on HPUX
Operating System - HP-UX
1825787
Members
2149
Online
109687
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-22-2003 11:55 PM
01-22-2003 11:55 PM
password history on HPUX
is there anyone done this
using shell scripts. I know the OS doesnt keep password
history. can anyone help?
and HPUX keeps on runnin
5 REPLIES 5
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2003 12:06 AM
01-23-2003 12:06 AM
Re: password history on HPUX
Hi,
You can if you set your system as trusted and implement the below.
Password history check of up to 10 passwords.
The system administrator can enable the password history feature to discourage users from reusing previously used passwords. To enable the password history feature, the system administrator should create a file
(or open the file if it already exists) named
/etc/default/security and append to it one line containing:
PASSWORD_HISTORY_DEPTH=number
The line contains three keywords: PASSWORD_HISTORY_DEPTH, =, and a decimal number which is the desired depth for the password history check. If the number is 2, the user's new password will be checked against two previously used passwords. One is the current password, and the other one is the password used before the current password. A configuration of password history depth of 2 prevents users from alternating between two passwords. The maximum password history depth supported is 10 and the minimum password history depth supported is 1. A depth configuration of more than 10 will be
treated as 10, and a depth configuration of less than 1 will be treated as 1.
The password history depth configuration is on a system basis and is supported in trusted system for users in files repository only. This feature does not support the users in NIS or NISPLUS repositories. Once the feature is enabled, all the users on the system are subject to the same check. If the password history configuration file /etc/default/security does not exist, or if the file exists but the required line is missing, or if the line exists but any of the three required keywords is missing, the password history check feature is automatically disabled. When the feature is disabled, the password history check depth is set to 1 and a password change is subject to all of the other rules for a new password including a check with the current password.
To set your system as trusted, use either 'sam' or from the command line '/usr/lbin/tsconvert'
Beware that doing this will expire all passwords on the system including 'root'.
HTH
Michael
You can if you set your system as trusted and implement the below.
Password history check of up to 10 passwords.
The system administrator can enable the password history feature to discourage users from reusing previously used passwords. To enable the password history feature, the system administrator should create a file
(or open the file if it already exists) named
/etc/default/security and append to it one line containing:
PASSWORD_HISTORY_DEPTH=number
The line contains three keywords: PASSWORD_HISTORY_DEPTH, =, and a decimal number which is the desired depth for the password history check. If the number is 2, the user's new password will be checked against two previously used passwords. One is the current password, and the other one is the password used before the current password. A configuration of password history depth of 2 prevents users from alternating between two passwords. The maximum password history depth supported is 10 and the minimum password history depth supported is 1. A depth configuration of more than 10 will be
treated as 10, and a depth configuration of less than 1 will be treated as 1.
The password history depth configuration is on a system basis and is supported in trusted system for users in files repository only. This feature does not support the users in NIS or NISPLUS repositories. Once the feature is enabled, all the users on the system are subject to the same check. If the password history configuration file /etc/default/security does not exist, or if the file exists but the required line is missing, or if the line exists but any of the three required keywords is missing, the password history check feature is automatically disabled. When the feature is disabled, the password history check depth is set to 1 and a password change is subject to all of the other rules for a new password including a check with the current password.
To set your system as trusted, use either 'sam' or from the command line '/usr/lbin/tsconvert'
Beware that doing this will expire all passwords on the system including 'root'.
HTH
Michael
Anyone for a Mutiny ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2003 12:42 AM
01-23-2003 12:42 AM
Re: password history on HPUX
As far as I know it can be done the same on 10.20, 11 and 11i.
Anyone for a Mutiny ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2003 12:57 PM
01-24-2003 12:57 PM
Re: password history on HPUX
Michael, I'd be really surprised if this
worked on 10.20. PHCO_13808 was a patch
to 11.00 that added this functionality. A side effect of that patch was the creation of the /etc/default/security infrastructure, which has been used by many other extensions in later patches to 11.00 and 11.11. The library being patched was not used by
the passwd or login programs before HP-UX 10.30 (11.00, for most customers), nor did /etc/default/security exist in 10.20.
worked on 10.20. PHCO_13808 was a patch
to 11.00 that added this functionality. A side effect of that patch was the creation of the /etc/default/security infrastructure, which has been used by many other extensions in later patches to 11.00 and 11.11. The library being patched was not used by
the passwd or login programs before HP-UX 10.30 (11.00, for most customers), nor did /etc/default/security exist in 10.20.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2003 01:10 PM
01-24-2003 01:10 PM
Re: password history on HPUX
If you are on HP-UX 10.20 then check out patch PHCO_25591.
http://www1.itrc.hp.com/service/patch/patchDetail.do?patchid=PHCO_25591&context=hpux:800:10:20
It is the latest login cumulative patch and it does mention the /etc/default/security file.
http://www1.itrc.hp.com/service/patch/patchDetail.do?patchid=PHCO_25591&context=hpux:800:10:20
It is the latest login cumulative patch and it does mention the /etc/default/security file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2003 02:00 PM
01-24-2003 02:00 PM
Re: password history on HPUX
Yes, very limited support of /etc/default/security was finally backported to 10.20 several years after the password history code went into 11.00. But the actual enforcement of password history rules takes place in libpam_unix, which was only used by CDE in 10.20 if I remember correctly.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Support
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP