HPE Community
Operating System - HP-UX
1845956 Members
2003 Online
110250 Solutions
New Discussion

password problem

 
SOLVED
Go to solution
dgizaw
Frequent Advisor

‎05-11-2005 08:20 AM

‎05-11-2005 08:20 AM

password problem

Hi there,
I was trying to copy from (yy) L2000 HP-UX 11.11 all users to a similar system (XX). First I make this system trusted and copy /tcb/files/auth/* and /etc/passwd and /etc/group from the YY sytem to XX. Then I untrusted XX and then back trusted.

I run pwck and thereis no any error. But when I try to ssh to it I get permission denied. I created user123 and able to change the password and when I try to login I get the same error. Even as a root I get the samething. When I compared the /tcb/files/auth/u/user123 files with the working system I see more parameters like u_minch#0:u_exp#15724800 and u_pw_exppire_warning#60480:u_pwchanger=root:

And on YY system I see u_suctty=pts/2:u_unsuclog#1114477270

What is my problem?

Thank you

Daniel
Do not undermine a chalnge
0 Kudos
Reply
8 REPLIES 8
erics_1
Honored Contributor

‎05-11-2005 08:24 AM

‎05-11-2005 08:24 AM

Solution

Re: password problem

Daniel,

You need to first unconvert (yy). Copy the passwd and group files to (xx). Then convert to trusted. Copying tcb files in this manner can result in corruption of the tcb database.

Hope this helps,
Eric
Reply
David Child_1
Honored Contributor

‎05-11-2005 08:26 AM

‎05-11-2005 08:26 AM

Re: password problem

Daniel,

Just curious -- why did you untrust then trust on XX? I don't think that has anything to do with your problem (unless you are using passwords > 8 characters).

Did you try 'su - mylogin' on the system? Did that work? Also try 'login' and see if that works. That will take any 'ssh' issues out of the mix.

David
Reply
Gerald Taylor
Frequent Advisor

‎05-11-2005 08:26 AM

‎05-11-2005 08:26 AM

Re: password problem

I have moved users from untrusted system to trusted system in the past and we ended up having to update the password. Found the best way to do it was to use "usermod" command from sam.

/usr/sam/lbin/usermod.sam -p "dcSjZjvE5ieGc" username

Where "dcSjZjvE5ieGc" is the hash from the password file.
Reply
dgizaw
Frequent Advisor

‎05-11-2005 08:45 AM

‎05-11-2005 08:45 AM

Re: password problem

he reason I trusted the XX system because /tcb/files/.... were not created. At the begining the system was untrusted.
Now I do not want to do anything on the YY ssytem because it is a production system. The users over 300 do not want/know to change their password on this new system.

I can su to any user since I am still root. But I can not open a new session as a root.


Thanks
Do not undermine a chalnge
0 Kudos
Reply
dgizaw
Frequent Advisor

‎05-11-2005 08:49 AM

‎05-11-2005 08:49 AM

Re: password problem

Gerald,
what does usermod do? Do I have to do it for each user?


Thanks
Do not undermine a chalnge
0 Kudos
Reply
dgizaw
Frequent Advisor

‎05-11-2005 08:59 AM

‎05-11-2005 08:59 AM

Re: password problem

I excuted /usr/sam/lbin/usermod.sam -p "ZXASKJK.KJY" user123 and I have the same problem when I ssh to the system. The error messages is : Permission denied, please try again.


Thanks
Do not undermine a chalnge
0 Kudos
Reply
Gerald Taylor
Frequent Advisor

‎05-11-2005 09:02 AM

‎05-11-2005 09:02 AM

Re: password problem

The usermod will update the tcb database with the hash from the origianl password file. It allows the old passwords to work. Yes, you will have to do it for each system but you can script it up by pulling the fields from you old password file.

Gerald
0 Kudos
Reply
dgizaw
Frequent Advisor

‎05-11-2005 10:53 AM

‎05-11-2005 10:53 AM

Re: password problem

Thank all of you. Now I am able to login using telnet. The problem looks like a combination of ssh and corrupted password databse files.


Thank you again for your help
Do not undermine a chalnge
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.