Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Re-enabling a locked root account on Trusted HP-UX
Operating Systems HP-UX Re-enabling a locked root account on Trusted HP-UX Post 99502 by Perderabo on Friday 17th of February 2006 09:47:33 PM
Old 02-17-2006
Re-enabling a locked root account on Trusted HP-UX
I knew I had had seen this somewhere:
Code:
Q: How can I re-enable my root account when I typed in my password wrong 3 times and the account got disabled?

A: When your HP-UX system is in the more secure "trusted system" mode, your account is automatically disabled after 
you have entered your password incorrectly 3 times in a row. At this point, even if you enter the correct password, 
you will not be allowed access into the account.

There are a few options to re-enable the account:

    * If you have access to the system console you can login using the root account from the console (this will automatically 
       re-enable the account). Even when the account is disabled, login from the console will be allowed by default.
    * If you have another root account on the system, you can login using that account and reset the disabled user account using SAM.

      To re-enable a disabled user account on the system using SAM:
         1. Select the “Accounts for users and groups” section.
         2. Select “users.”
         3. Select the user account that is disabled.
         4. With the disabled user account selected, go to the top of the screen and select “Actions.”
         5. Select “Reactivate” to reactivate the disabled account.


While I was looking for the above information, I found this announcement: HP-UX security features supercede trusted mode. So I'm not sure how much longer the tip on re-enabling the root account will be useful. But I will this thread into our FAQ on recovering root passwords anyway. (Yes, I know the this "3 strikes and you're out" business isn't exactly a lost root password.)
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to Enable locked root account

Hi Every one I disable the root account entering wrong password for many time How can I enable the root account I am using Tru64 Unix V4.0G Thank you (2 Replies)
Discussion started by: Syed_45
2 Replies

2. AIX

root account has been locked

I'am set the root account locked ON, using smitty, so I can't login or su with root user in my AIX system, some one can help me to unlock root account login ???, sample : :~>su root's Password: 3004-301 Your account has been locked; please see the system administrator. 3004-501 Cannot su to... (1 Reply)
Discussion started by: Maker
1 Replies

3. Linux

Locked out of Mandrake 9.1 user account

Hi all, I've been using linux/unix now only for a couple of months and was doing ok until about 30 minutes ago... I needed to reboot into my windows 2000 partition, so, in a terminal I typed: shutdown -r now which duly rebooted the PC for me. On getting to the OS selection screen I... (5 Replies)
Discussion started by: alarmcall
5 Replies

4. Cybersecurity

lost root password using (SAM) trusted security

I have used the system administration management trusted security system and in the process the root password have been changed or lost. Is there any possible way to recover root status after this incident:( (5 Replies)
Discussion started by: jordanrt
5 Replies

5. AIX

account is always locked out

we have a user name "Test1" that account is alwyas locked out. The user has been used to many servers to ftp a file from the main server. i already increase the MaxStartups to 99. And still after how many days account will locked. (3 Replies)
Discussion started by: invinzin21
3 Replies

6. Solaris

Banner for Locked Account

Hi, I have enable Account lock for failed login attempts. I have configured 1) /etc/security/policy.conf 2)/etc/default/login To lock an account if it make multiple incorrect attempts to login to Solaris 10 server. I can see the account gets locked in /etc/shadow. I would like to... (1 Reply)
Discussion started by: menonk
1 Replies

7. UNIX for Dummies Questions & Answers

How do i list all locked account in linux?

Hi How do i list all locked account in my linux distributiion I have tried passwd -S -a but it seems to not working . My distribution details. # lsb_release -a LSB Version: :core-3.1-ia32:core-3.1-noarch:graphics-3.1-ia32:graphics-3.1-noarch Distributor ID: OracleVMserver... (3 Replies)
Discussion started by: pinga123
3 Replies

8. UNIX for Dummies Questions & Answers

Account is locked or login administratively denied

Hi, When I am trying to do ssh to a server it shows below error. Key setup is all good and it used to work well few days back. Now suddenly I am getting this error. ssh -i <private_key> <id>@<hostname> Received disconnect from <hostname> Account is locked or login administratively... (1 Reply)
Discussion started by: mahish20
1 Replies

9. HP-UX

Enable telnet as root to 11.31 non-trusted system?

I have a new box that was set up for me and I want to allow telnet to the box as root. I know that it's not secure but due to the nature of what I test I need an easy and reliable way back in if I've messed up the other connection methods(SSH). This is in a protected lab environment. Eventually... (17 Replies)
Discussion started by: gctaylor
17 Replies

10. UNIX for Dummies Questions & Answers

UNIX Account getting Locked Everyday between same Time Frame

I am facing an Issue with a particular Unix Account ( ie a particular Userid) getting LOCKED everyday between 7:30am and 8:00am. The Password associated with this particular Account has been setup such that it should never Expire at all but it does LOCK the Account after more than 3 failed... (5 Replies)
Discussion started by: pchegoor
5 Replies

LEARN ABOUT DEBIAN

chage

CHAGE(1)							   User Commands							  CHAGE(1)

NAME

       chage - change user password expiry information

SYNOPSIS

       chage [options] LOGIN

DESCRIPTION

       The chage command changes the number of days between password changes and the date of the last password change. This information is used by
       the system to determine when a user must change his/her password.

OPTIONS

       The options which apply to the chage command are:

       -d, --lastday LAST_DAY
	   Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format
	   YYYY-MM-DD (or the format more commonly used in your area).

       -E, --expiredate EXPIRE_DATE
	   Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be
	   expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the
	   system administrator before being able to use the system again.

	   Passing the number -1 as the EXPIRE_DATE will remove an account expiration date.

       -h, --help
	   Display help message and exit.

       -I, --inactive INACTIVE
	   Set the number of days of inactivity after a password has expired before the account is locked. The INACTIVE option is the number of
	   days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again.

	   Passing the number -1 as the INACTIVE will remove an account's inactivity.

       -l, --list
	   Show account aging information.

       -m, --mindays MIN_DAYS
	   Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change
	   his/her password at any time.

       -M, --maxdays MAX_DAYS
	   Set the maximum number of days during which a password is valid. When MAX_DAYS plus LAST_DAY is less than the current day, the user
	   will be required to change his/her password before being able to use his/her account. This occurrence can be planned for in advance by
	   use of the -W option, which provides the user with advance warning.

	   Passing the number -1 as MAX_DAYS will remove checking a password's validity.

       -R, --root CHROOT_DIR
	   Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.

       -W, --warndays WARN_DAYS
	   Set the number of days of warning before a password change is required. The WARN_DAYS option is the number of days prior to the
	   password expiring that a user will be warned his/her password is about to expire.

       If none of the options are selected, chage operates in an interactive fashion, prompting the user with the current values for all of the
       fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a
       pair of [ ] marks.

NOTE

       The chage program requires a shadow password file to be available.

       The chage command is restricted to the root user, except for the -l option, which may be used by an unprivileged user to determine when
       his/her password or account is due to expire.

CONFIGURATION

       The following configuration variables in /etc/login.defs change the behavior of this tool:

FILES

       /etc/passwd
	   User account information.

       /etc/shadow
	   Secure user account information.

EXIT VALUES

       The chage command exits with the following values:

       0
	   success

       1
	   permission denied

       2
	   invalid command syntax

       15
	   can't find the shadow password file

SEE ALSO

       passwd(5), shadow(5).

shadow-utils 4.1.5.1						    05/25/2012								  CHAGE(1)
All times are GMT -4. The time now is 12:02 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy