HPE Community
Operating System - HP-UX
1851075 Members
2613 Online
104056 Solutions
New Discussion

Re: Shadow Passwords

 
Jeffrey S. Sims
Trusted Contributor

‎03-08-2001 09:01 AM

‎03-08-2001 09:01 AM

Shadow Passwords

This is my first post here, so bare with me. I wanted to know if there is a way to convert to shadow passwords on HP-UX 10.20 without converting to a trusted system.
0 Kudos
Reply
5 REPLIES 5
Bruce Regittko_1
Esteemed Contributor

‎03-08-2001 09:12 AM

‎03-08-2001 09:12 AM

Re: Shadow Passwords

Hi,

Welcome to the forums. Unfortunately, I don't think that it is possible to convert to just a shadow password system. You only get this functionality from converting to a trusted system.

--Bruce
www.stratech.com/training
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎03-08-2001 09:34 AM

‎03-08-2001 09:34 AM

Re: Shadow Passwords

Bruce is correct. You also cannot convert to a trusted system if you are running NIS.
0 Kudos
Reply
Jeffrey S. Sims
Trusted Contributor

‎03-08-2001 09:47 AM

‎03-08-2001 09:47 AM

Re: Shadow Passwords

Thanks for the promptness, the answer is what I feared. I was just hoping since Linux uses shadow and yet isn't a trusted system that there was a way to do it with HP-UX but I guess not.

If you help me distribute points I will be on my way. Yes I will give points, I noticed that some people don't bother, but it helps you to know who helps and who doesn't. Even if it isn't the answer you wanted to hear.
0 Kudos
Reply
Joseph C. Denman
Honored Contributor

‎03-08-2001 08:04 PM

‎03-08-2001 08:04 PM

Re: Shadow Passwords

Is there a reason you do not want to conver to a trusted system? There is not too much overhead associated with it.

...jcd...
If I had only read the instructions first??
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎03-08-2001 08:18 PM

‎03-08-2001 08:18 PM

Re: Shadow Passwords

Just a note about shadow passwords versus trusted (C2 security). SHadow passwords have been around for a very long time and just not very secure anymore. Linux is using the old standard, just like HP-UX about 6-7 years ago.

A trusted is a much more secure method for handling password. That's why it is incompatible with NIS. The reason you want to hide the password is to protect the encryted string from being guessed using some other computer. NIS takes the password entries and exposes them to everyone on the LAN--not very secure at all. Now NIS+ will encrypt the data on the net but the downside is that every client must be upgraded to NIS+.


Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.