Login or Register to Ask a Question and Join Our Community


HP-UX

HP-UX revert from trusted system to default

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems HP-UX HP-UX revert from trusted system to default
# 8  
Old 02-06-2012
Quote:
I'm still not sure what being 'trusted' gives me. It just was already 'trusted' when I got given the opportunity to take it on (i.e. dumped with it) Does untrusted just mean that the passwords are stored (encrypted) in /etc/passwd field 2 so there is a risk that someone might peek and then decipher them? Will I lose the complexity/history rules for passwords or something else perhaps? I will be delighted if it doesn't re-prompt for the old password when I've just typed it in, and as for that generating a next password malarky, no thanks. All users, be they IT or not, hate it too.
To read about "untrused", just see "man passwd". You will lose complexity and history rules. The "root" user will not need to know an old password. Passwords will be stored encrypted in /etc/passwd, but there is no direct unencryption method beyond brute force by a "root" user.

Keep some sessions logged in as "root" if you make this change. I recall that all existing user passwords were lost during the change from "trusted" to "untrusted" and that every user needed a password reset. Don't know if this has been fixed. HP Openview stopped working and need a re-install.

The "sudo" command is not a HP-UX command. It is 3rd-party software which administrators elect to use in order to bypass "trusted" security. No guarantee that it would continue to work unchanged.

I can't see how changing from "trusted" to "untrusted" will fix your application problem.

As others advise, make a full Disaster Recovery backup before considering this change.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Converting system to trusted

Hi, I need to convert few HP-UX (V 11.31) machines from un-trusted to trusted. I used the HP SMH to do this on one server. However when I click on "Yes" to proceed with the conversion, I get this error : The attempt to convert this system to a trusted system failed. The command return value... (2 Replies)
Discussion started by: anaigini45
2 Replies

2. UNIX for Dummies Questions & Answers

Need to revert default prompt in Linux after setting PS1 command

I have given as: PS1="Karthick>" in linux. Now the prompt changed as: Karthick> Now I need to get back the default prompt . How to achieve this? Thanks in advance (13 Replies)
Discussion started by: karthick nath
13 Replies

3. UNIX for Advanced & Expert Users

CVS command to revert deleted files

Hi, I have deleted a file and commited in CVS. So, is there any CVS command to revert back that deleted file with existing log messages. --Thanks in advance Madhu (1 Reply)
Discussion started by: madhuti
1 Replies

4. UNIX for Advanced & Expert Users

gmail revert to old look permanently

I thought I would share gmail revert to old look permanently. I am sure I am not the only one annoyed by the new look. Install Stylish extension Choose the Stylish UserStyle that you want. I know The Return of Old Gmail and gmail-b2b both work but I prefer gmail-b2b since I think it looks... (0 Replies)
Discussion started by: cokedude
0 Replies

5. Linux

Is it possible to revert a file after overwriting it ?

Long story short, there was some sort of corruption with my ide and the script I was working on has been over written with nothing (the file is blank now). The IDE doesn't store a back up from what I know (I'm using notepadd++ in wine lol I know I know I'm addictted to the nppftp sidebar and geany... (1 Reply)
Discussion started by: noPermissions
1 Replies

6. HP-UX

Enable telnet as root to 11.31 non-trusted system?

I have a new box that was set up for me and I want to allow telnet to the box as root. I know that it's not secure but due to the nature of what I test I need an easy and reliable way back in if I've messed up the other connection methods(SSH). This is in a protected lab environment. Eventually... (17 Replies)
Discussion started by: gctaylor
17 Replies

7. Emergency UNIX and Linux Support

Revert SVN import

Instead of importing a project/folder as svn import vlsms/ file:///home/repo/vlsms -m "Initial Upload" I did svn import vlsms/ file:///home/repo -m "Initial Upload" How to undo this import (in a clean way,without trace?) ---------- Post updated at 03:10 AM ---------- Previous update was at... (0 Replies)
Discussion started by: johnbach
0 Replies

8. HP-UX

shadowed password file on non-trusted system?

Is it possible to have shadowed password file without implementing a Trusted System? (3 Replies)
Discussion started by: linuxdude
3 Replies

9. Solaris

need zpool to revert...

hi i have created a pool using zpool command for my /dev/dsk/c1d0s3 disk. The poolname is qwertyuiopasdfghjklmnbvcxzzxcvbnmasdfghjklqwertyuiopoiuytrewqasdfghjklkjhgfdsazxcvbnmmnbnbcxczxzassd ddddvfhfghgjjgjhgkhkljfjlhohihiuyuioyguioyguiowyuiogwyuigwrigywuigyguiyuiogyugiyguioyuyguiowygiuygui... (1 Reply)
Discussion started by: SankarV
1 Replies

10. HP-UX

Trusted system: Please Help.

I was playing with sam and i turned on the Trusted System feature (UX11i). Now i cant log onto it anymore, i can ping it, but icant telnet, rlogin or login at the login screen. I dont want to reboot my machine because i am affraid it wont boot and ask for a password. My root password is not... (1 Reply)
Discussion started by: Netghost
1 Replies
Login or Register to Ask a Question

LEARN ABOUT LINUX

apt-key

APT-KEY(8)								APT								APT-KEY(8)

NAME

       apt-key - APT key management utility

SYNOPSIS

       apt-key [--keyring filename] [command] [arguments...]

DESCRIPTION

       apt-key is used to manage the list of keys used by apt to authenticate packages. Packages which have been authenticated using these keys
       will be considered trusted.

COMMANDS

       add filename
	   Add a new key to the list of trusted keys. The key is read from filename, or standard input if filename is -.

       del keyid
	   Remove a key from the list of trusted keys.

       export keyid
	   Output the key keyid to standard output.

       exportall
	   Output all trusted keys to standard output.

       list
	   List trusted keys.

       finger
	   List fingerprints of trusted keys.

       adv
	   Pass advanced options to gpg. With adv --recv-key you can download the public key.

       update
	   Update the local keyring with the archive keyring and remove from the local keyring the archive keys which are no longer valid. The
	   archive keyring is shipped in the archive-keyring package of your distribution, e.g. the debian-archive-keyring package in Debian.

       net-update
	   Work similar to the update command above, but get the archive keyring from an URI instead and validate it against a master key. This
	   requires an installed wget(1) and an APT build configured to have a server to fetch from and a master keyring to validate. APT in
	   Debian does not support this command and relies on update instead, but Ubuntu's APT does.

OPTIONS

       Note that options need to be defined before the commands described in the previous section.

       --keyring filename
	   With this option it is possible to specify a specific keyring file the command should operate on. The default is that a command is
	   executed on the trusted.gpg file as well as on all parts in the trusted.gpg.d directory, through trusted.gpg is the primary keyring
	   which means that e.g. new keys are added to this one.

FILES

       /etc/apt/trusted.gpg
	   Keyring of local trusted keys, new keys will be added here. Configuration Item: Dir::Etc::Trusted.

       /etc/apt/trusted.gpg.d/
	   File fragments for the trusted keys, additional keyrings can be stored here (by other packages or the administrator). Configuration
	   Item Dir::Etc::TrustedParts.

       /etc/apt/trustdb.gpg
	   Local trust database of archive keys.

       /usr/share/keyrings/debian-archive-keyring.gpg
	   Keyring of Debian archive trusted keys.

       /usr/share/keyrings/debian-archive-removed-keys.gpg
	   Keyring of Debian archive removed trusted keys.

SEE ALSO

       apt-get(8), apt-secure(8)

BUGS

       APT bug page[1]. If you wish to report a bug in APT, please see /usr/share/doc/debian/bug-reporting.txt or the reportbug(1) command.

AUTHOR

       APT was written by the APT team apt@packages.debian.org.

AUTHOR

       Jason Gunthorpe

COPYRIGHT

       Copyright (C) 1998-2001 Jason Gunthorpe

NOTES

	1. APT bug page
	   http://bugs.debian.org/src:apt

Linux								  28 October 2008							APT-KEY(8)