HPE Community
Operating System - HP-UX
1836617 Members
2127 Online
110102 Solutions
New Discussion

Re: Root Password

 
P.V.Ramesh
Advisor

‎08-16-2002 10:27 AM

‎08-16-2002 10:27 AM

Root Password

Hi

How to increase the no of attempts for root login account.

Ramesh
0 Kudos
Reply
9 REPLIES 9
Patrick Wallek
Honored Contributor

‎08-16-2002 10:34 AM

‎08-16-2002 10:34 AM

Re: Root Password

The easiest way is to go into SAM, select the root user, then select the ACTIONS menu (I think) and then under one of the menus there is an option to increase the no of attempts for invalid root logins before it disables it.
0 Kudos
Reply
Kelli Ward
Trusted Contributor

‎08-16-2002 10:34 AM

‎08-16-2002 10:34 AM

Re: Root Password

One quick way would be to modify the root user in the User section of SAM.
Another way is to use the modprpw command on a trusted system.
Good luck,
Kel
The more I learn, the more I realize how much more I have to learn. Isn't it GREAT!
0 Kudos
Reply
P.V.Ramesh
Advisor

‎08-16-2002 10:36 AM

‎08-16-2002 10:36 AM

Re: Root Password

Mr. Patrick

But all this information will be writen in one of the file. I would like to know which file this information available.
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎08-16-2002 10:37 AM

‎08-16-2002 10:37 AM

Re: Root Password

I don't know this for certain, but I THINK that this information is contained in the /tcb/auth/r/root file. I think that's the right path.

To verify just look for root in the /tcb directory structure.
0 Kudos
Reply
P.V.Ramesh
Advisor

‎08-16-2002 10:42 AM

‎08-16-2002 10:42 AM

Re: Root Password

My machine i not having /tcb directory. How do i know the password is trusted or not.
0 Kudos
Reply
Kelli Ward
Trusted Contributor

‎08-16-2002 10:43 AM

‎08-16-2002 10:43 AM

Re: Root Password

Hi All,
For a trusted system it should be in
/tcb/auth/pfiles/r/root
(might have reversed auth and pfiles)
Use care when modifying that file directly.

For some reason, I was thinking this could also be done in a non-trsuted system in SAM but was just looking and didn't see anything. I was probably thinking of password aging.
Good luck
Kel
The more I learn, the more I realize how much more I have to learn. Isn't it GREAT!
0 Kudos
Reply
Kelli Ward
Trusted Contributor

‎08-16-2002 10:59 AM

‎08-16-2002 10:59 AM

Re: Root Password

Hi,
Sorry 'bout that, I was writing my response while you were writing your question.
If you have no /tcb directory, your system is not trusted. All the trusted mode database files are within that directory.
Let me see if I can figure out how to increase users in a non-trusted environment.
I can't remember if or how. Again, I can only think of password aging.
By the way,
Are you getting an error with a user? If so, what is it? Also, was version of unix are you running?
Thanks,
Kel
The more I learn, the more I realize how much more I have to learn. Isn't it GREAT!
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎08-16-2002 11:00 AM

‎08-16-2002 11:00 AM

Re: Root Password

Ramesh,

Run the following command

/usr/lbin/getprpw root

In the output note the value of umaxlntr. It is the number of unsuccessful attempts.

If your system is not trusted, you will get the error message that the system is not trusted.

getprpw reads the info from /tcb/files/auth/r/root file

If your system is not trusted, you do not need to worry about the no of attempts unless you are running any third party password management tools like Control-SA, e-Trust etc.,

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Kelli Ward
Trusted Contributor

‎08-16-2002 11:07 AM

‎08-16-2002 11:07 AM

Re: Root Password

Also, root can lock an account with passwd -l
This could have happened to you as well. Check /etc/passwd, if the users encrytped password was replaced with a * (after second colon) that could be it.

I think Sri might have hit it on the head with a 3rd party software.

Kel
The more I learn, the more I realize how much more I have to learn. Isn't it GREAT!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.