02-06-2008
To complete Perderabo's explanation, HP trusted systems started to use /tcb/files from 10.20 on and in 11.11 you could get a optionnal addon to give the OS this little solaris look (/etc/shadow).
The /tcb/files is far more secure and a more than one DB... So be carefull when playing with it... I had cases where DBAs managed to lockout root account...
If you were in trusted mode why would you want to return to normal?
Is it because accounts are locked?
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I think I may have put this in the wrong forum earlier
the script that follows is an extract from a post someone gave as an answer to a question on ftp within a script
/usr/bin/ftp ftpsiteaddress <<END
verbose on
bin
user username password
cd <directoryname>
put <filename>
mput... (3 Replies)
Discussion started by: Henrik
3 Replies
2. Cybersecurity
hi there , :cool:
um facing a problem with my root passwd
i want to set my root password and when i do i get the following ::
#
# passwd
passwd: Changing password for root
New Password:
Re-enter new Password:
passwd(SYSTEM): They don't match.
Please try again
New Password:... (6 Replies)
Discussion started by: badrali
6 Replies
3. Shell Programming and Scripting
Hi All,
I am working on AIX 5.3.
My requirement is to telnet to a server and scp a file from another server
In my shell script i am using telnet to enter to a server and i am echoing the password as below
echo open $Infahost
sleep 1
echo $Infaftplogin
sleep 1
echo $Infaftppasswd... (3 Replies)
Discussion started by: sam99
3 Replies
4. UNIX for Dummies Questions & Answers
Afternoon All
Has anyone seen this type of thing before. Basically we had an issue where an ID that has db2 connect access tried to make the db connection and got an " Attempt to establish connection failed with security reason "1"
("PASSWORD EXPIRED"). SQLSTATE=08001" error.
This I know... (0 Replies)
Discussion started by: philib
0 Replies
5. Solaris
Hi
Our nis server running on Sun solaris 8 operating system.
I have added a new user in the nis passwd file
& when I am trying to update the file from nis server by using
following command:
# cd /var/yp
# make
updated passwd
It updates the passwd file but does not come back to command... (3 Replies)
Discussion started by: dolphin
3 Replies
6. AIX
Hi,
My server is an AIX server. Whenever a new user is created through smitty,
the first time he logs in, he has to change his password.
But i want to disable it and to enable the password expiry to a month. (i.e) after every month, he has to change his password.
Any help in this matter... (1 Reply)
Discussion started by: mac4rfree
1 Replies
7. Emergency UNIX and Linux Support
Hi All,
I am facing issue in setting up passwordless login through ssh on two Solaris-10 boxes. user-id ravrwa from server tsapiq04-zrwdq01 should be able to login to server tsbrit03 as cpsuserq, which is not happening. I am not sure where is the problem, while keys are already all set. Here is... (14 Replies)
Discussion started by: solaris_1977
14 Replies
8. UNIX for Dummies Questions & Answers
I dug myself a hole yesterday that I can't seem to get myself out of.
In a very futile attempt to create a new FTP user with limited access via SSH, I inadvertently changed permissions for who knows what and now I am having a problem accessing password protected directories. When I enter the... (1 Reply)
Discussion started by: HiddenColors
1 Replies
9. SuSE
Hello,
I can't seem to get the password less login to work on one of my SLES 11 servers. My ssh agent lets me login to all my other servers, which are Solaris 10, RHEL 5, and SLES 11 servers. Some servers mount my home directory and others don't.
The server that I'm having an issue with doesn't... (7 Replies)
Discussion started by: bitlord
7 Replies
passwd(4) Kernel Interfaces Manual passwd(4)
NAME
passwd - Password files
DESCRIPTION
A passwd file is a file consisting of records separated by newline characters, one record per user, containing seven colon (:) separated
fields. These fields are as follows:
User's login name. The default length is 8 characters. User's encrypted password. User's ID User's login group ID General information
about the user User's home directory User's login shell
The name field is the login used to access the computer account, and the uid field is the number associated with it. They should both be
unique across the system (and often across a group of systems) since they control file access.
While it is possible to have multiple entries with identical login names and/or identical user gid's, it is usually a mistake to do so.
Routines that manipulate these files will often return only one of the multiple entries, and that one by random selection.
The login name must never begin with a hyphen (-); also, it is strongly suggested that neither uppercase characters or dots (.) be part of
the name, as this tends to confuse mailers. No field may contain a colon (:) as this has been used historically to separate the fields in
the user database.
The password field is the encrypted form of the password. If the password field is empty, no password is required to gain access to the
machine. Because these files contain the encrypted user passwords, they should not be readable by anyone without appropriate privileges.
Use the command to edit password entries. This ensures that the hashed password database is rebuilt. If you have enhanced security
installed on your system, the password field contains an asterisk (*). The encrypted password is stored in the user's protected password
database.
The gid field is the group that the user will be placed in upon login. Since the operating system supports multiple groups (see the groups
command) this field currently has little special meaning.
The gecos field normally contains comma (,) separated subfields as follows:
User's full name User's office number User's work phone number User's home phone number
This information is used by the finger command.
The user's home directory is the full UNIX pathname where the user will be placed on login.
The shell field is the command interpreter the user prefers. If the shell field is empty, the Bourne shell (/bin/sh) is assumed.
The allowable values for the UID are unsigned numbers from 0 to 65535.
The command pwck can be used to verify the accuracy of data entered in the passwd file.
EXAMPLES
root:TZVtfX5VbS3KY:0:1:System PRIVILEGED Account,,,:/:/bin/sh adm:*:5:16:Admin Login:/usr/adm:/bin/sh operator:HdgoklKwZOlvU:25:28:System
PRIVILEGED Account,,,:/etc/operator: guest:Nologin:-2:-2:anonymous NFS user:/:/bin/date osfuser:If2eoZ6gmghJo:50002:15:Osf
User:/usr/users/osfuser:/bin/csh marcy:*:201:20:Marcy Swanson,dev,x1234:/usr/users/marcy:/bin/sh
RELATED INFORMATION
Functions: getpwent(3)
Commands: login(1), passwd(1), pwck(8), vipw(8)
Files: prpasswd(4) delim off
passwd(4)