Re-enabling a locked root account on Trusted HP-UX
I knew I had had seen this somewhere:
While I was looking for the above information, I found this announcement: HP-UX security features supercede trusted mode. So I'm not sure how much longer the tip on re-enabling the root account will be useful. But I will this thread into our FAQ on recovering root passwords anyway. (Yes, I know the this "3 strikes and you're out" business isn't exactly a lost root password.)
Hi Every one
I disable the root account entering wrong password for many time
How can I enable the root account
I am using Tru64 Unix V4.0G
Thank you (2 Replies)
I'am set the root account locked ON, using smitty, so I can't login or su with root user in my AIX system, some one can help me to unlock root account login ???,
sample :
:~>su
root's Password:
3004-301 Your account has been locked; please see the system administrator.
3004-501 Cannot su to... (1 Reply)
Hi all,
I've been using linux/unix now only for a couple of months and was doing ok until about 30 minutes ago...
I needed to reboot into my windows 2000 partition, so, in a terminal I typed:
shutdown -r now
which duly rebooted the PC for me. On getting to the OS selection screen I... (5 Replies)
I have used the system administration management trusted security system and in the process the root password have been changed or lost.
Is there any possible way to recover root status after this incident:( (5 Replies)
we have a user name "Test1" that account is alwyas locked out. The user has been used to many servers to ftp a file from the main server. i already increase the MaxStartups to 99. And still after how many days account will locked. (3 Replies)
Hi,
I have enable Account lock for failed login attempts.
I have configured
1) /etc/security/policy.conf
2)/etc/default/login
To lock an account if it make multiple incorrect attempts to login to Solaris 10 server.
I can see the account gets locked in /etc/shadow.
I would like to... (1 Reply)
Hi
How do i list all locked account in my linux distributiion
I have tried
passwd -S -a
but it seems to not working .
My distribution details.
# lsb_release -a
LSB Version: :core-3.1-ia32:core-3.1-noarch:graphics-3.1-ia32:graphics-3.1-noarch
Distributor ID: OracleVMserver... (3 Replies)
Hi,
When I am trying to do ssh to a server it shows below error.
Key setup is all good and it used to work well few days back. Now suddenly I am getting this error.
ssh -i <private_key> <id>@<hostname>
Received disconnect from <hostname> Account is locked or login administratively... (1 Reply)
I have a new box that was set up for me and I want to allow telnet to the box as root. I know that it's not secure but due to the nature of what I test I need an easy and reliable way back in if I've messed up the other connection methods(SSH). This is in a protected lab environment. Eventually... (17 Replies)
I am facing an Issue with a particular Unix Account ( ie a particular Userid) getting LOCKED everyday between 7:30am and 8:00am. The Password associated with this particular Account has been setup such that it should never Expire at all but it does LOCK the Account after more than 3 failed... (5 Replies)
Discussion started by: pchegoor
5 Replies
LEARN ABOUT HPUX
pam_sm_acct_mgmt
pam_sm_acct_mgmt(3) Library Functions Manual pam_sm_acct_mgmt(3)NAME
pam_sm_acct_mgmt() - service provider implementation for pam_acct_mgmt
SYNOPSIS
[flag]... file... [library]...
DESCRIPTION
In response to a call to pam_acct_mgmt(3), the PAM framework calls from the modules listed in the pam.conf(4) file. The account management
provider supplies the back-end functionality for this interface function. The applications should not call this API directly.
The function, determines whether the current user's account and password are valid. This includes checking for password and account expi-
ration, valid log-in times, etc. The user in question is specified by a prior call to and is referenced by the authentication handle,
pamh, which is passed as the first argument to The following flags may be set in the flags field:
The account management service should not generate any messages.
The account management service should return
if the user has a null authentication token.
The argc argument represents the number of module options passed in from the configuration file pam.conf(4). argv specifies the module
options, which are interpreted and processed by the account management service. Please refer to the specific module man pages for the var-
ious available options. If an unknown option is passed to the module, an error should be logged through syslog(3C) and the option ignored.
If an account management module determines that the user password has aged or expired, it should save this information as state in the
authentication handle, pamh, using uses this information to determine which passwords have expired.
APPLICATION USAGE
Refer to pam(3) for information on thread-safety of PAM interfaces.
RETURN VALUE
If there are no restrictions to logging in, is returned. The following error values may also be returned upon error:
User not known to underlying authentication module.
New authentication token required.
User account has expired.
User denied access to account at this time.
Ignore underlying account module regardless of whether the control
flag is or
User account has been disabled (trusted mode only).
Terminal has been disabled (trusted mode only).
User is not authorized for terminal access (trusted mode only).
Wrong time to login (trusted mode only).
WARNINGS
HP-UX 11i Version 3 is the last release to support trusted systems functionality.
SEE ALSO pam(3), pam_acct_mgmt(3), syslog(3C), pam.conf(4).
pam_sm_acct_mgmt(3)