- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: /tcb, u_maxtries and various other vars
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-23-2011 07:56 AM
тАО05-23-2011 07:56 AM
/tcb, u_maxtries and various other vars
In checking /tcb/files/auth/system/default for u_maxtries, it was found to be 0 (NG).
I need to change it and several other vars to control login timeout value (30-45 secs) and time between login attempts (5 or more secs).
Is SAM the best approach?
What file/db (if any) holds the values for these other control vars?
Thx.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-23-2011 08:05 AM
тАО05-23-2011 08:05 AM
Re: /tcb, u_maxtries and various other vars
Hope this helps
UNIX because I majored in cryptology...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-23-2011 08:22 AM
тАО05-23-2011 08:22 AM
Re: /tcb, u_maxtries and various other vars
On the manpage for security:
AUTH_MAXTRIES This attribute controls whether an account is locked after too many consecutive
authentication failures.
It does not apply to trusted systems.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-23-2011 10:03 AM - last edited on тАО08-08-2011 01:50 PM by Kevin_Paul
тАО05-23-2011 10:03 AM - last edited on тАО08-08-2011 01:50 PM by Kevin_Paul
Re: /tcb, u_maxtries and various other vars
It can be placed it /etc/default/security but effectiveness of this setting is dependent on using PAM with ldap module accourding to this document. I have never configured it from scratch and took it for granted. So, I really don't know how the mechanics work. But here's the document:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&taskId=110&prodSeriesId=4164814&prodTypeId=18964&objectID=c02538590
also see this old forum thread:
http://h30499.www3.hp.com/t5/System-Administration/AUTH-MAXTRIES-not-working-in-HP-UX-11-31/m-p/5235169#M468988
information combined in both of them, may help you.
UNIX because I majored in cryptology...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-23-2011 10:39 AM
тАО05-23-2011 10:39 AM
Re: /tcb, u_maxtries and various other vars
Anybody else... please?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-23-2011 12:17 PM
тАО05-23-2011 12:17 PM
Re: /tcb, u_maxtries and various other vars
Have always read in quiet a few places, one thing that HP reccommends for conversion to a trusted system is SAM. But that is for "conversion". Anyways although the *logout* term has been sort of an emptiness to me as far as a trusted system is concerned, I did come accross a database for one of the other control vars as you put it.
Speaking int terms of,
> time between login attempts.
The database for this control var as you put it is what is termed as u_llogin which hopefully you can modify with modprpw with the llog=value. However this specific database consists of time between *logins* and not *attempts*.
Regards
Ismail Azad