HPE Community
Operating System - HP-UX
1753608 Members
5892 Online
108797 Solutions
New Discussion юеВ

Re: 11i /etc/passwd for TRUSTED SYSTEM

 
SOLVED
Go to solution
john guardian
Super Advisor

тАО05-27-2011 08:20 AM

тАО05-27-2011 08:20 AM

11i /etc/passwd for TRUSTED SYSTEM

Could someone supply a real-life sample of what the /etc/passwd file looks like on a system that's been converted to Trusted Mode, please?

Thx.
0 Kudos
4 REPLIES 4
Patrick Wallek
Honored Contributor

тАО05-27-2011 08:25 AM

тАО05-27-2011 08:25 AM

Solution

Re: 11i /etc/passwd for TRUSTED SYSTEM

Certainly. Here's an entry for root on an 11.31 trusted system:

root:*:0:3:atl6 root user:/root:/sbin/sh

The main / only difference is the '*' in what is the encrypted password field.

0 Kudos
Jeff_Traigle
Honored Contributor

тАО05-27-2011 08:25 AM

тАО05-27-2011 08:25 AM

Re: 11i /etc/passwd for TRUSTED SYSTEM

Basically the same as one from a system that hasn't been converted. The only difference is that the password field contains an asterisk instead of the hashed password.

root:*:0:3::/root:/sbin/sh
--
Jeff Traigle
0 Kudos
john guardian
Super Advisor

тАО05-27-2011 08:26 AM

тАО05-27-2011 08:26 AM

Re: 11i /etc/passwd for TRUSTED SYSTEM

Thx!
0 Kudos
Ismail Azad
Esteemed Contributor

тАО05-27-2011 08:28 AM

тАО05-27-2011 08:28 AM

Re: 11i /etc/passwd for TRUSTED SYSTEM

Hi John,

Looks like you are doing some serious research on the trusted system. Just one question, what is it that you expect to see that's so different on /etc/passwd? Jus curious... :)

Well usernames, UIDs, GIDs, GECOS, home directory and the shell all remain the same. The umask value does change but there is one thing you will see in /etc/passwd when associated with a trusted system.

Every entry in /etc/passwd should have a * in the encrypted password field which is one indirect way to find that your system could be trusted.

Regards
Ismail Azad
Read, read and read... Then read again until you read "between the lines".....
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.