HPE Community
Operating System - HP-UX
1836618 Members
1648 Online
110102 Solutions
New Discussion

Re: Passwords on trusted system

 
SOLVED
Go to solution
John Dvorchak
Honored Contributor

‎04-26-2007 07:11 AM

‎04-26-2007 07:11 AM

Passwords on trusted system

I have just gotten 4 hpux 11.23 boxes that have to have "trusted" setup. I have never had to admin a trusted box before and I have all of the issues resolved except one. I have about 50 users that have to be added to these 4 boxes and would like to script it. Now adding them is a no brainer but I can't seem to script setting up a default password of my choice. When I run passwd User_name it askes for a :

Do you want (choose one letter only):
pronounceable passwords generated for you (g)
a string of letters generated (l) ?
to pick your passwords (p) ?

I don't want it to ask. I wonder if there is an undocumented switch that just lets me enter the password.

Or am I just approaching this in a clumsy way? Any suggestion?
If it has wheels or a skirt, you can't afford it.
0 Kudos
Reply
4 REPLIES 4
Dave Hutton
Honored Contributor

‎04-26-2007 07:18 AM

‎04-26-2007 07:18 AM

Solution

Re: Passwords on trusted system

If you are doing it by hand, I thought you can use /sbin/passwd and it forces it.

Not the normal /usr/bin/passwd
Reply
John Dvorchak
Honored Contributor

‎04-26-2007 07:23 AM

‎04-26-2007 07:23 AM

Re: Passwords on trusted system

Dave that does work. But I can't use /sbin/passwd -d username so I would have to probably have something like expect loaded script this. That still isn't a problem.

Now that I think of it, could I just add the users and somehow it would just ask for a password the first time or would I still have to give it a default password in any event.
If it has wheels or a skirt, you can't afford it.
0 Kudos
Reply
Dan Bolton
Frequent Advisor

‎04-27-2007 08:04 AM

‎04-27-2007 08:04 AM

Re: Passwords on trusted system

Just tried this on our test "trusted" system.
# /usr/sbin/useradd testuser

then
# /bin/passwd -d testuser

and got:
You are not allowed to have a null password.

However:
# /sbin/passwd testuser
followed by 2 nulls ([enter][enter])
was accepted (when done as root).

"testuesr" was then prompted to set a password at first login.


Here is another (more dangerous?) thought:
Even though the passwords are encripted in the secure files (/tcb/files/auth/t/testuser for above example) a password can be "applied" by copying/pasting a pre-encrypted 'default' password with normal editing/scripting tools if you have root access. The syntax of the resulting file must be perfect - use at your own risk!
...skid in sideways, chocolate in one hand, martini in the other, totally worn out and screaming, "WOO HOO what a ride!"
0 Kudos
Reply
John Dvorchak
Honored Contributor

‎04-27-2007 08:34 AM

‎04-27-2007 08:34 AM

Re: Passwords on trusted system

Dan I like you answer and testing. I wish I could give more than ten points for all the work you did.

I'll try it next week and see how it works.
If it has wheels or a skirt, you can't afford it.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.