08-28-2002
SecurID is our method
Okay okay... I know that SSH is a great way to secure passwords, but I wasn't around when they decided what to use.
Although telnet is the standard for my company, we do have another way to protect passwords from being captured.
We use the SecurID technology that only allows for 1 time unique passwords for all users logging in to our systems. It is used with a PIN that the user has and a rotating 6 digit number that changes every 60 seconds.
I might be wrong on this, but SecurID is a very good security measure to protect passwords.
Don't get me wrong SSH is great, but my company has the SecurID technology as our enterprise solution.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi!
I have a Tru64 40f box and I am trying to figure out how the banner is displayed after login.
Now the sys admin (who is now gone) has a message that is displayed for all users AFTER login.
In addition to the /etc/issue and the /etc/motd files another file with a longer message is... (2 Replies)
Discussion started by: sdharmap
2 Replies
2. UNIX for Dummies Questions & Answers
I dont want the kernal info and OP type to come up to every one that logs in to my server. How do I edit the telnet banner to say something different. (1 Reply)
Discussion started by: macdonto
1 Replies
3. UNIX for Advanced & Expert Users
I need to put a telnet banner on AIX 4.3 and 5.1 servers, so the users can see a warning message before logging into the system. I know /etc/motd will give the message after the login. Basically what I am asking is how do I tell system to read the /etc/issue file on AIX?.
Thank you, in advance... (4 Replies)
Discussion started by: smohd
4 Replies
4. UNIX for Dummies Questions & Answers
How can I display a message to the crt whenever someone logs on? They do not see a unix prompt. I need to easily update this also. (2 Replies)
Discussion started by: Beetlejuice
2 Replies
5. UNIX for Dummies Questions & Answers
On my Ultra 60, when booting and at the banner screen, on the top left is a picture of a globe. On another machine (Ultra 60) its a picture of a Sun. Is this something on the graphics card, or is this picture located somewhere else and able to be changed? (0 Replies)
Discussion started by: ridgeback00
0 Replies
6. Shell Programming and Scripting
Somewhat long story:
I have a simple Perl CGI script that uses Expect to Telnet to a device and grab some data, and then spits it back to Perl for display on the Webpage.
This works for many devices I've tried, but one device just fails, it keeps rejecting the password on this device, only... (1 Reply)
Discussion started by: jondo
1 Replies
7. HP-UX
why I didn't set /etc/inetd.conf
telnet stream tcp nowait root /usr/lbin/telnetd \
telnetd -b /etc/issue
only
telnet stream tcp nowait root /usr/lbin/telnetd
in /etc/ineted.conf
but when I telnet my HPUX machine
it shows those message
HP-UX hp1008 B.11.31 U ia64 (tb)
login:
... (1 Reply)
Discussion started by: alert0919
1 Replies
8. UNIX for Dummies Questions & Answers
Hi,
I was writing one script which includes to switch to the another telnet automatically from the present telnet server. I was using rlogin but firstly it takes the same user name of the present telnet and secondly it is prompting for the password.
But i want to switch to the another telnet... (2 Replies)
Discussion started by: Prateek
2 Replies
9. UNIX for Dummies Questions & Answers
Hi,
I want to know the difference between these two services. Both are under xinetd. Both are used for enabling and disabling Telnet service. So, can somebody please explain me the difference between the two ?
Thanks in advance :) (0 Replies)
Discussion started by: kashifsd17
0 Replies
LEARN ABOUT HPUX
pwd_strengthd
pwd_strengthd(1m) pwd_strengthd(1m)
NAME
pwd_strengthd - The sample Password Management Server
SYNOPSIS
pwd_strengthd [+/-all[_spaces]] [+/-alp[ha_num]]
[-c[ache_size]] size [-d[ebug]]
[-m[in_len]] pwd_min_len [-t[imeout]] minutes
[-v[erbose]]
OPTIONS
Allow passwords to be all spaces. If this option is not set, the effective registry policy is used. Disallow passwords to be all spaces.
If this option is not set, the effective registry policy is used. Allow passwords to consist only of alphanumeric characters. If this
option is not set, the effective registry policy is used. Disallow passwords to consist only of alphanumeric characters. If this option is
not set, the effective registry policy is used. Specify the number of hash buckets in the password cache. The password cache is used to
store generated passwords which are retrieved when the password is strength checked. The password cache is a hash table with a linked list
for collisions. The size should be set to a reasonable value based on how large the cache will be on average. The default value if not
specified is 100. Run in the foreground. Log messages are written to standard output. Specify the minimum length of a password. If this
option is not set, the effective registry policy is used. Specify the time, in minutes, that generated passwords remain in the cache
before they are deleted from memory. If this option is not specified, the default time is 30 minutes. Runs in verbose mode. More detailed
messages are sent to the logfile $DCELOCAL/var/security/pwd_strengthd.log. (Use of this option is recommended.)
DESCRIPTION
DESCRIPTION
pwd_strengthd is a sample Password Management Server. It exports the rsec_pwd_mgmt application programming interface.
pwd_strengthd generates passwords and strength-checks them. It enforces the security registry policy for password strength-checking.
Administrators can override the security registry policy via the command-line options (alpha_num, all_spaces, min_len.)
Administrators can subject principals to password-strength and -generation policies by attaching the following ERAs: Specifies the password
management policy the user must conform to when selecting passwords. Specifies information required in order to connect to the password
management server.
See the OSF DCE Administrator's Guide -- Core Services for more information and examples. You may want to enhance pwd_strengthd to support
your site's policies for password strength and generation.
pwd_strengthd(1m)