HPE Community
Operating System - HP-UX
1752685 Members
5358 Online
108789 Solutions
New Discussion юеВ

Re: Password status - NP, PS, LK

 
Lingaraja Patil
Occasional Contributor

тАО10-10-2006 03:26 AM

тАО10-10-2006 03:26 AM

Password status - NP, PS, LK

Right now all the system logins in HP-UX Ver. 10.20 server have LK(Locked)status. If I change the status of these logins to NP(No Password), then what will be the side effects on the OS/the applications running on this OS.
What I know that "If status is NP, then user will not be authenticated, and he can't read password field". But the information I need is::: what is the use of making status into NP ???
0 Kudos
Reply
5 REPLIES 5
A. Clay Stephenson
Acclaimed Contributor

тАО10-10-2006 03:31 AM

тАО10-10-2006 03:31 AM

Re: Password status - NP, PS, LK

The primary use of making a login "NP" is to make your system extremely vulnerable to attack. If you are going to do this then do it right and also remove root's passwd hash while you are at it.
If it ain't broke, I can fix that.
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО10-10-2006 04:24 AM

тАО10-10-2006 04:24 AM

Re: Password status - NP, PS, LK

The use of NP is to to allow your system to be instantly turned into trash by the next hacker that finds it. All the logins may have the LK status because you changed to a Trusted system without using SAM (the recommended method). Unlock the accounts with this command:

/usr/lbin/modprpw -V

Now user's will still have their original passwords and your system is protected.


Bill Hassell, sysadmin
0 Kudos
Reply
Lingaraja Patil
Occasional Contributor

тАО10-10-2006 05:02 PM

тАО10-10-2006 05:02 PM

Re: Password status - NP, PS, LK

Ok. What I understand from ur replies is, changing status to NP is totally a bad solution. Am I right???
And the server is not a Trusted Host. Only System Logins are in LK status. Not all the users.
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО10-10-2006 10:42 PM

тАО10-10-2006 10:42 PM

Re: Password status - NP, PS, LK

If by "System Logins" you mean user IDs such as lp, sys, bin, daemon, adm, etc then you are correct. These are not 'real' users but required for proper system operation. Leave them in the LK state. No user ID on your system should have NP status.


Bill Hassell, sysadmin
0 Kudos
Reply
niro44
New Member

тАО03-12-2012 01:25 PM

тАО03-12-2012 01:25 PM

Re: Password status - NP, PS, LK 

The status is "PS" if the user has a password, "LK" if the user has an
  administrative lock, or "NP" if the user has no password.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.