03-09-2009
Password Automation pros/cons
folks,
I have a security related question, to all you. Please share your comments with me.
I have a situation where i was asked to automate the password in my application, which expires every 6 months. In this case i need to generate a random password and set the password on some database/system (encrypted) and use this password in my application. In doing so the owner of the account will not be knowing the password as well.
My argument is that at first place, we should not automate the password to change automatically upon expiary. Secondly, changing the password automatically, the password change is not accountable and at later stages we would not know who changed the password last time. When i think of the password change I strongly belive that the account owner should be responsiable for keeping the passwords in a secret/encrypted form.
Please kindly share your thoughts if you had encountered such a situation beofre and what is best way to deal with this situation.
Hope to here from your expertese.
Cheers
Sudharma.
10 More Discussions You Might Find Interesting
1. AIX
Can anyone provide the pros and cons of having an NFS mount on an AIX server. Or direct me to documentation that provides this information. Thanks... (1 Reply)
Discussion started by: mcateriny
1 Replies
2. UNIX for Advanced & Expert Users
Hi,
Is there any way to automate the reset of passwords.I mean can we write some scripts and do it. Would be great if anybody can help in this regards. (9 Replies)
Discussion started by: yakyaj
9 Replies
3. AIX
We are considering a DR strategy of booting AIX 5.3 and 5.3 logical partitions from EMC Symmetrix SAN disks, so that we can replicate via SRDF to a recovery site. Has anyone tried configuring AIX 5.x systems to boot from SAN disk? If so, can you provide any information on the pros and cons of... (6 Replies)
Discussion started by: jjgarrot
6 Replies
4. Shell Programming and Scripting
I am working on a script to automate and SFTP that I am currently doing to a company that does not allow for a .ssh profile to be created.
I have search and read about the -b option and am wondering if i can get some more information about it.
I tried to right a file containing the password... (3 Replies)
Discussion started by: jaycheetwood
3 Replies
5. Shell Programming and Scripting
Hello,
I need some assistance in trying to figure out the best way to automate user account password resets.
The environment is a mix of 2000 HP-ux, aix, linux, and sunos boxes.
The security specs are to reset pw's every 90 days.
Most boxes are only accessible from within a current ssh... (2 Replies)
Discussion started by: deviousdoses
2 Replies
6. UNIX for Advanced & Expert Users
Hi All,
We have a special requirement from our client, we need to automate one of the sftp job with password authentication. I know sftp can be automated with Key authentication, but this is not what I am looking for.
Can some body help me, a method like .netrc in FTP automation or like sftp... (6 Replies)
Discussion started by: shihabvk
6 Replies
7. Infrastructure Monitoring
I have some questions regarding ping
a. im planning to add all my servers to nagios for monitoring purposes. since nagios will do "PING" on the IP address (to check if UP or down), will there be affect on all my servers? say resource utilization, memory, etc? Will it add up or slow down the... (3 Replies)
Discussion started by: lhareigh890
3 Replies
8. UNIX for Dummies Questions & Answers
i am doing automation of report in unix. i am copying files from different server using scp command.. if i use scp its asking for password for copying files..is there any way to automate this password issue..
can anyone help me out???
tahnks in advance,
Arun Manas (4 Replies)
Discussion started by: arunmanas
4 Replies
9. Shell Programming and Scripting
Anyone has experience or study with Text User Interface and Curses::UI using Perl?
- What is the criteria to decide which method is better for a console based UI?
- Which DTL (dialog tag language) is supported by these?
The background is that I want to write a wrapper over some UNIX tools... (0 Replies)
Discussion started by: vikrantl
0 Replies
10. UNIX for Advanced & Expert Users
Hello,
Could anyone please enumerate some of the pros and cons to using a Journaled FileSystem?
---------- Post updated at 02:46 PM ---------- Previous update was at 02:45 PM ----------
I know clearly not losing data during a failed move or copy is a big pro, correct? Let's build off of... (8 Replies)
Discussion started by: glev2005
8 Replies
LEARN ABOUT SUNOS
list-connector-security-maps
asadmin-list-connector-security-maps(1AS) User Commands asadmin-list-connector-security-maps(1AS)
NAME
asadmin-list-connector-security-maps, list-connector-security-maps - lists the security maps for the named connector connection pool
SYNOPSIS
list-connector-security-maps --user admin_user [--password admin_password] [--host localhost] [--port 4848] [--secure|-s] [--passwordfile
filename] [--terse=false] [--echo=false] [--interactive=true]
[--verbose=false] [--securitymap mapname] pool_name
lists the security map belonging to the named connector connection pool.
This command is supported in remote mode only.
OPTIONS
--user authorized domain application server administrative username.
--password password to administer the domain application server.
--host machine name where the domain application server is running.
--port port number of the domain application server listening for administration requests.
--secure if true, uses SSL/TLS to communicate with the domain application server.
--passwordfile file containing the domain application server password.
--terse indicates that any output data must be very concise, typically avoiding human-friendly sentences and favoring well-
formatted data for consumption by a script. Default is false.
--echo setting to true will echo the command line statement on the standard output. Default is false.
--interactive if set to true (default), only the required password options are prompted.
--verbose lists the identify, principals, and the security name.
--securitymap name of the security map.
OPERANDS
poolname name of the pool.
Example 1: Using list-connector-security-maps with security map option
asadmin> list-connector-security-maps --user admin --password adminadmin
--securitymap mysecuremap securityPool1
Command list-connector-security-maps executed successfully
One security map (mysecuremap) is listed for the securityPool1 pool.
Example 2: Using list-connector-security-maps
asadmin> list-connector-security-maps --user admin --password adminadmin
securityPool1
Command list-connector-security-maps executed successfully
All the security maps are listed for the securityPool1 pool.
EXIT STATUS
0 command executed successfully
1 error in executing the command
asadmin-delete-connector-security-map(1AS), asadmin-create-connector-security-map(1), asadmin-update-connector-security-map(1AS)
J2EE 1.4 SDK March 2004 asadmin-list-connector-security-maps(1AS)