HPE Community
Operating System - HP-UX
1833790 Members
2567 Online
110063 Solutions
New Discussion

Security of password

 
Eric Jacklin
Regular Advisor

‎06-18-2008 06:25 AM

‎06-18-2008 06:25 AM

Security of password

Hi team,

we have HP ux 11.11 running on our server and i would like to enable below mention security on the existing account so how should i do that ?



Password length 8 chars minimum.
Passwords are alpha numeric
Password depth 12 minimum
Automatic timeout after a period of inactivity
0 Kudos
Reply
8 REPLIES 8
Pete Randall
Outstanding Contributor

‎06-18-2008 06:32 AM

‎06-18-2008 06:32 AM

Re: Security of password

I believe most, if not all, of this can be set up in the /etc/default/security file. See "man security" for details.


Pete

Pete
0 Kudos
Reply
Eric Jacklin
Regular Advisor

‎06-18-2008 06:34 AM

‎06-18-2008 06:34 AM

Re: Security of password

/etc/default/security file is not there in the location

Is it due to PAM ?
if yes, then what is the alternate
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎06-18-2008 06:40 AM

‎06-18-2008 06:40 AM

Re: Security of password

The file itself was not there on 11.11 - you can simply create it. In case you don't have the man page, it can be found here:

http://www.docs.hp.com/en/B2355-90909/B2355-90909.pdf


Pete

Pete
0 Kudos
Reply
Eric Jacklin
Regular Advisor

‎06-18-2008 11:47 PM

‎06-18-2008 11:47 PM

Re: Security of password

I am still bit confused on the file creation part

Becasue i have checked the account through SAM and it is using some basic password security.

So with out security file how those setting sare being operated now.

In addition would you please let me know after creating a /etc/default/security file do i need to carried out any further steps
0 Kudos
Reply
Jeeshan
Honored Contributor

‎06-19-2008 03:13 AM

‎06-19-2008 03:13 AM

Re: Security of password

or you can set it through SAM -> Auditing and Security ->System Security Policies.
a warrior never quits
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎06-19-2008 04:25 PM

‎06-19-2008 04:25 PM

Re: Security of password

There are three main places to maintain security policies: /etc/default/security which does not exist and must be created. Use the command:

man security

Then add the lines you want into this file. The second location is SAM where the global security settings are under the SAM section for all new users. And the third location is also in SAM where you can alter the policy settings for individual users.

Now, once you change the password policy, it has no effect on the current passwords. The new rules apply only when the user changes their password. But you can force a user to change their password the next time they login using modprpw (man modprpw).

Finally, NONE of your requirements can be specified unless you have your system Trusted. The keywords in the security file are silently ignored in non-Trusted systems.


Bill Hassell, sysadmin
0 Kudos
Reply
SKR_1
Trusted Contributor

‎06-23-2008 08:51 AM

‎06-23-2008 08:51 AM

Re: Security of password

System should be trusted first, then you can set all these policies with the help of sam.
0 Kudos
Reply
Khairul_1
Frequent Advisor

‎06-24-2008 03:50 AM

‎06-24-2008 03:50 AM

Re: Security of password

Hi Jit's
You can do the above on trusted system.
Automatic timeout you need to do following:

Edit /etc/profile
#vi /etc/profile

export TMOUT=600 #Telnet session timeout 10 minutes i.e. 60x10=600

Check the Timeout:
#echo $TMOUT

Please assing point who are reply your question.
Thanks
Khairul
Bangladesh
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.