Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: To unblock the some audit scripts
Operating Systems HP-UX To unblock the some audit scripts Post 302259938 by vbe on Wednesday 19th of November 2008 09:38:21 AM
Old 11-19-2008
To me its clearly a trusted box but Im not to understand where he sees an issue:

Quote:
a) When we give wrong root password three times in a row, the root account has been disabled.
I dont know many root users knowing the box is trusted who would try 3 times in a row... usually at the 2nd attempt he would stop and think twice...

And yes even root is asked the old passwd, so if someone has changed it meanwhile not announcing it to his collegues you are looking for trouble...

Of course when you are a bit neurotic and suffer from amnesia (like me...) you work hard on alternatives e.g. replace the default value of attempts to 5, and make great usage of sudo... And most important (passwd has been changed and you dont know it ...) I grant myself (my users account) the possibility of shutdown/reboot the box...
 

9 More Discussions You Might Find Interesting

1. UNIX Desktop Questions & Answers

audit to crontab scripts

hi, I have scripts which are running every 3 minutes. The scripts include connection to a database, using sqlplus. Sometimes, the connection fails (invalid username or password, locked user etc..) and the connection returns the error code, to the unix screen or to a file. I want whenever there's... (2 Replies)
Discussion started by: krem
2 Replies

2. Linux

Unblock port 80 for none root user

Hi all, I am running an oracle application server but the problem is that the default port it is using is 7777 and if i want to make it port 80 i have to run the server as root which something i do not want to do. If i understand well to run on a port under 1024 the application needs root... (1 Reply)
Discussion started by: staind_art
1 Replies

3. HP-UX

How to Unblock Port in HP UX

Dear All.. I have an HP-UX server, i need to access it through certain port to run application.., but i cant access it, I can login as root by using other port Can anyone give me any advice how to see the list of active port? and how to block / unblock it?? Thankyou in advance ... (1 Reply)
Discussion started by: grimanda
1 Replies

4. Shell Programming and Scripting

Changing the Bash Scripts to Bourne Scripts:URGENT

Hi, I have to write a program to compute the checksums of files ./script.sh I wrote the program using bash and it took me forever since I am a beginner but it works very well. I'm getting so close to the deadline and I realised today that actually I have to use normal Bourne shell... (3 Replies)
Discussion started by: pgarg1989
3 Replies

5. Shell Programming and Scripting

KSH - How to call different scripts from master scripts based on a column in an Oracle table

Dear Members, I have a table REQUESTS in Oracle which has an attribute REQUEST_ACTION. The entries in REQUEST_ACTION are like, ME, MD, ND, NE etc. I would like to create a script which will will call other scripts based on the request action. Can we directly read from the REQUEST_ACTION... (2 Replies)
Discussion started by: Yoodit
2 Replies

6. AIX

When AIX audit start, How to set the /audit/stream.out file size ?

Dear All When I start the AIX(6100-06)audit subsystem. the log will save in /audit/stream.out (or /audit/trail), but in default when /audit/stream.out to grow up to 150MB. It will replace the original /audit/stream.out (or /audit/trail). Then the /audit/stream.out become empty and... (2 Replies)
Discussion started by: nnnnnnine
2 Replies

7. Solaris

how to configure a audit in global zone that will audit all the zone

Hi everyone, how i can configure a single audit service in the global zone for all zones, on solaris BSM. I will be glad to hear back from you. Thanks and Regards (3 Replies)
Discussion started by: ladondo
3 Replies

8. UNIX for Dummies Questions & Answers

Unblock the websites

Hi Guys, Some of the websites are blocked in my office. And I know the root password. I tried to unblock those sites.. Checkedcd /etc/modprobe.d $ cat blacklist.conf # # Listing a module here prevents the hotplug scripts from loading it. # Usually that'd be so that some other driver will... (8 Replies)
Discussion started by: Adhi
8 Replies

9. Red Hat

Want to unblock port for particular site

Dear All We have one Centos Server on Asterisk platform.We are trying to open one particular site from client machines which is our client portal.We have to upload data on that.When we trying to open that site somewhere its blocking and not opening.We did tracert and found one router down... (3 Replies)
Discussion started by: Vaibhav.T
3 Replies

LEARN ABOUT MOJAVE

d_passwd

d_passwd(4)							   File Formats 						       d_passwd(4)

NAME

       d_passwd - dial-up password file

SYNOPSIS

       /etc/d_passwd

DESCRIPTION

       A  dial-up  password is an additional password required of users who access the computer through a modem or dial-up port. The correct pass-
       word must be entered before the user is granted access to the computer.

       d_passwd is an ASCII file which contains a list of executable programs (typically shells) that require a dial-up password and  the  associ-
       ated encrypted passwords. When a user attempts to log in on any of the ports listed in the dialups file (see dialups(4)), the login program
       looks at the user's login entry stored in the passwd file (see passwd(4)), and compares the login shell field to the entries  in  d_passwd.
       These entries determine whether the user will be required to supply a dial-up password.

       Each entry in d_passwd is a single line of the form:

       login-shell:password:

       where

       login-shell     The name of the login program that will require an additional dial-up password.

       password        An  encrypted  password. Users accessing the computer through a dial-up port or modem using login-shell will be required to
		       enter this password before gaining access to the computer.

       d_passwd should be owned by the root user and the root group. The file should have read and write permissions for the owner (root) only.

       If the user's login program in the passwd file is not found in d_passwd or if the login shell field in passwd is empty, the user must  sup-
       ply  the  default  password.  The default password is the entry for /usr/bin/sh. If d_passwd has no entry for /usr/bin/sh, then those users
       whose login shell field in passwd is empty or does not match any entry in d_passwd will not be prompted for a dial-up password.

       Dial-up logins are disabled if d_passwd has only the following entry:

       /usr/bin/sh:*:

EXAMPLES

       Example 1: Sample d_passwd file.

       Here is a sample d_passwd file:

       /usr/lib/uucp/uucico:q.mJzTnu8icF0:
       /usr/bin/csh:6k/7KCFRPNVXg:
       /usr/bin/ksh:9df/FDf.4jkRt:
       /usr/bin/sh:41FuGVzGcDJlw:

   Generating An Encrypted Password
       The passwd (see passwd(1)) utility can be used to generate the encrypted password for each login program. passwd generates encrypted  pass-
       words  for  users  and places the password in the shadow (see shadow(4)) file. Passwords for the d_passwd file will need to be generated by
       first adding a temporary user id using useradd (see useradd(1M)), and then using passwd(1) to generate the desired password in  the  shadow
       file. Once the encrypted version of the password has been created, it can be copied to the d_passwd file.

       For example:

       1.
	   Type useradd tempuser and press Return. This creates a user named tempuser.

       2.  Type passwd tempuser and press Return. This creates an encrypted password for tempuser and places it in the shadow file.

       3.  Find the entry for tempuser in the shadow file and copy the encrypted password to the desired entry in the d_passwd file.

       4.  Type userdel tempuser and press Return to delete tempuser.

       These steps must be executed as the root user.

FILES

       /etc/d_passwd	       dial-up password file

       /etc/dialups	       list of dial-up ports requiring dial-up passwords

       /etc/passwd	       password file

       /etc/shadow	       shadow password file

SEE ALSO

       passwd(1), useradd(1M), dialups(4), passwd(4), shadow(4)

WARNINGS

       When  creating  a  new  dial-up password, be sure to remain logged in on at least one terminal while testing the new password. This ensures
       that there is an available terminal from which you can correct any mistakes that were made when the new password was added.

SunOS 5.10							    2 Sep 2004							       d_passwd(4)
All times are GMT -4. The time now is 02:56 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy