HPE Community
Operating System - HP-UX
1833757 Members
2971 Online
110063 Solutions
New Discussion

syslog message..

 
jung-kwon_kim
Occasional Contributor

‎10-23-2001 06:30 PM

‎10-23-2001 06:30 PM

syslog message..


hi, everybody
I have been a one question.

the message is follow:

syslog : get_pwhist_config : can not open
/etc/default/security file
default password history depth 1 is used

I think
cause is that it is not found security file
please answer me
0 Kudos
Reply
3 REPLIES 3
Tom Danzig
Honored Contributor

‎10-23-2001 07:02 PM

‎10-23-2001 07:02 PM

Re: syslog message..

If the /etc/default/security file does not exits, the password history depth defaults to one. You can change this by creating the listed file and editing as needs permit.
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎10-23-2001 07:09 PM

‎10-23-2001 07:09 PM

Re: syslog message..

This will answer it:

http://us-support.external.hp.com/cki/bin/doc.pl/sid=caa9f8fb1d19ae5558/screen=ckiDisplayDocument?docId=200000048117924
Live Free or Die
0 Kudos
Reply
T G Manikandan
Honored Contributor

‎10-23-2001 07:14 PM

‎10-23-2001 07:14 PM

Re: syslog message..

This was the solution from Rita Workman.
Assign full points to her.Hope this helps.



The syslog.log is displaying the following message: >"get_pwhist_config: Can not open /etc/default/security file. Default >password history depth 1 is used." >Does anyone know what triggers this message and what should be done to >correct the problem?
Rita pointed out the following article:
http://us-support.external.hp.com/cki/bin/doc.pl/sid=caa9f8fb1d19ae5558/screen=ckiDisplayDocument?docId=200000048117924

Contents of article:
Error in syslog. get_pwhist_config and default password history
DocId: KBRC00000915

PROBLEM
Trusted system running 11.0. Started seeing the following message in /var/adm/syslog/syslog.log: Mar 2 08:17:26 husker syslog: get_pwhist_config: Can not open /etc/default/security file. Default password history depth 1 is used.
What program runs this and what does it mean?
RESOLUTION
This is a relatively new feature on 11.0 systems. It is password history on a trusted system.
Features --------
Password history check of up to 10 passwords.
The system administrator can enable the password history feature to discourage users from reusing previously used passwords. To enable the password history feature, the system administrator should create a file (or open the file if it already exists) named /etc/default/security and append to it one line containing:
PASSWORD_HISTORY_DEPTH=number
The line contains three keywords: PASSWORD_HISTORY_DEPTH, =, and a decimal number which is the desired depth for the password history check. If the number is 2, the user's new password will be checked against two previously used passwords. One is the current password, and the other one is the password used before the current password. A configuration of password history depth of 2 prevents users from alternating between two passwords. The maximum password history depth supported is 10 and the minimum password history depth supported is 1. A depth configuration of more than 10 will be treated as 10, and a depth configuration of less than 1 will be treated as 1.
The password history depth configuration is on a system basis and is supported in trusted system for users in files repository only. This feature does not support the users in NIS or NISPLUS repositories. Once the feature is enabled, all the users on the system are subject to the same check. If the password history configuration file /etc/default/security does not exist, or if the file exists but the required line is missing, or if the line exists but any of the three required keywords is missing, the password history check feature is automatically disabled. When the feature is disabled, the password history check depth is set to 1 and a password change is subject to all of the other rules for a new password including a check with the current password.


0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.