HPE Community
Operating System - HP-UX
1823959 Members
4839 Online
109667 Solutions
New Discussion юеВ

pwhist on trusted system

 
Bolek Mynarski
Frequent Advisor

тАО03-20-2002 02:25 PM

тАО03-20-2002 02:25 PM

pwhist on trusted system

OK. I give up. I've been searching high and low, leaving no stone unturned and yet still cnanot find any answer to my problem.

System in question: HP-UX 10.20 (trusted).

I am trying to implement /etc/default/security feature in conjunction with already existing security policies in place. I want to make sure that users cannot re-use the same password for the next 5 password changes.

I thought that by entering the following line into that file:
PSSWORD_HISTORY_DEPTH=5
I will solve my issue. No luck. It seems like system does not even consult this file.

After reading more on this, 'pwhist' came into light. Now I know that the following should exist on my system:

/tcb/files/auth/system/pwhist where pwhist is a directory (I assume). It wasn't there, so I created it. Because I could not find any info on what kind of permissions it should have, I gave it 775.

No luck. I still was able to alternate my two passwords and not entries were put to
/tcb/files/auth/system/pwhist either.

I am spinning my wheels now. As I said, I am running HP-UX 10.20 in trusted mode. Is there a patch or something I don't know that makes that feature unusable on my system?

I would really appreciate any light shed on this matter...

Thanks.
It'snever too late to learn new things...
0 Kudos
Reply
4 REPLIES 4
John Carr_2
Honored Contributor

тАО03-20-2002 02:36 PM

тАО03-20-2002 02:36 PM

Re: pwhist on trusted system

Hi

I suspect your /etc/default/security file is incorrect. have a look at the man page for passwd and search for stringdefault/security.
The paragraph containing the string says the file will not work unless the 3 required strings are present which is not per your entry :

PSSWORD_HISTORY_DEPTH=5

hope this gets you going in the right direction
john.
0 Kudos
Reply
Bolek Mynarski
Frequent Advisor

тАО03-20-2002 06:44 PM

тАО03-20-2002 06:44 PM

Re: pwhist on trusted system

The more I research it and the more reading I do, I get convinced more and more every time that /etc/default/security file is a unique feature for HP-UX 11.+ systems and is not available for HP-UX 10.20.

Is there anybody outhere who successfuly has implemented that file (I am mostly after PASSWORD_MAX_DEPTH=5 feature)?

If so, could such a person give me a glimpse on how s/he has accomplished that?

Thanks.

P.S. Again, I am running on HP-UX 10.20 system and not 11.+! (trusted).

Thanks.
It'snever too late to learn new things...
0 Kudos
Reply
K.Vijayaragavan.
Respected Contributor

тАО03-20-2002 09:39 PM

тАО03-20-2002 09:39 PM

Re: pwhist on trusted system

You are right!

This feature is not availabe with a 10.20 (trusted) system.
It is not considering the security file. Even the man page of passwd in 10.20 is not saying anything about the /etc/default/security file and "PASSWD_HISTORY_DEPTH=#" option.

Butin case of 11.00 it considers security file and even the man page of passwd mentions about it.

I had a check with both 10.20 and 11.00 trusted system.

-Vijay
"Let us fine tune our knowledge together"
0 Kudos
Reply
K.Vijayaragavan.
Respected Contributor

тАО03-20-2002 10:12 PM

тАО03-20-2002 10:12 PM

Re: pwhist on trusted system

Have you got the patch,
PHCO_25591 in your sytstem?

see link:
http://us-support2.external.hp.com/wpsl/bin/doc.pl/screen=wpslDisplayPatch/sid=1a065e901dd60a9468?PATCH_PATH=/hp-ux_patches/s700_800/10.X/PHCO_25591&HW=s800&OS=10.20

-Vijay
"Let us fine tune our knowledge together"
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.