Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Password Automation pros/cons
Special Forums Cybersecurity Password Automation pros/cons Post 302295818 by sudharma on Monday 9th of March 2009 04:10:35 PM
Old 03-09-2009
MySQL Password Automation pros/cons
folks,

I have a security related question, to all you. Please share your comments with me.

I have a situation where i was asked to automate the password in my application, which expires every 6 months. In this case i need to generate a random password and set the password on some database/system (encrypted) and use this password in my application. In doing so the owner of the account will not be knowing the password as well.

My argument is that at first place, we should not automate the password to change automatically upon expiary. Secondly, changing the password automatically, the password change is not accountable and at later stages we would not know who changed the password last time. When i think of the password change I strongly belive that the account owner should be responsiable for keeping the passwords in a secret/encrypted form.


Please kindly share your thoughts if you had encountered such a situation beofre and what is best way to deal with this situation.


Hope to here from your expertese.


Cheers Smilie
Sudharma.
 

10 More Discussions You Might Find Interesting

1. AIX

NFS Pros and Cons

Can anyone provide the pros and cons of having an NFS mount on an AIX server. Or direct me to documentation that provides this information. Thanks... (1 Reply)
Discussion started by: mcateriny
1 Replies

2. UNIX for Advanced & Expert Users

automation script for password reset

Hi, Is there any way to automate the reset of passwords.I mean can we write some scripts and do it. Would be great if anybody can help in this regards. (9 Replies)
Discussion started by: yakyaj
9 Replies

3. AIX

AIX 5.2/5.3 - rootvg on SAN disk - pros and cons

We are considering a DR strategy of booting AIX 5.3 and 5.3 logical partitions from EMC Symmetrix SAN disks, so that we can replicate via SRDF to a recovery site. Has anyone tried configuring AIX 5.x systems to boot from SAN disk? If so, can you provide any information on the pros and cons of... (6 Replies)
Discussion started by: jjgarrot
6 Replies

4. Shell Programming and Scripting

SFTP password automation

I am working on a script to automate and SFTP that I am currently doing to a company that does not allow for a .ssh profile to be created. I have search and read about the -b option and am wondering if i can get some more information about it. I tried to right a file containing the password... (3 Replies)
Discussion started by: jaycheetwood
3 Replies

5. Shell Programming and Scripting

Need help with user password automation

Hello, I need some assistance in trying to figure out the best way to automate user account password resets. The environment is a mix of 2000 HP-ux, aix, linux, and sunos boxes. The security specs are to reset pw's every 90 days. Most boxes are only accessible from within a current ssh... (2 Replies)
Discussion started by: deviousdoses
2 Replies

6. UNIX for Advanced & Expert Users

SFTP automation with password/passphrase

Hi All, We have a special requirement from our client, we need to automate one of the sftp job with password authentication. I know sftp can be automated with Key authentication, but this is not what I am looking for. Can some body help me, a method like .netrc in FTP automation or like sftp... (6 Replies)
Discussion started by: shihabvk
6 Replies

7. Infrastructure Monitoring

PING pros and cons

I have some questions regarding ping a. im planning to add all my servers to nagios for monitoring purposes. since nagios will do "PING" on the IP address (to check if UP or down), will there be affect on all my servers? say resource utilization, memory, etc? Will it add up or slow down the... (3 Replies)
Discussion started by: lhareigh890
3 Replies

8. UNIX for Dummies Questions & Answers

password automation

i am doing automation of report in unix. i am copying files from different server using scp command.. if i use scp its asking for password for copying files..is there any way to automate this password issue.. can anyone help me out??? tahnks in advance, Arun Manas (4 Replies)
Discussion started by: arunmanas
4 Replies

9. Shell Programming and Scripting

Pros and cons for Text User Interface and Curses::UI

Anyone has experience or study with Text User Interface and Curses::UI using Perl? - What is the criteria to decide which method is better for a console based UI? - Which DTL (dialog tag language) is supported by these? The background is that I want to write a wrapper over some UNIX tools... (0 Replies)
Discussion started by: vikrantl
0 Replies

10. UNIX for Advanced & Expert Users

Pros and cons of a Journaled file System

Hello, Could anyone please enumerate some of the pros and cons to using a Journaled FileSystem? ---------- Post updated at 02:46 PM ---------- Previous update was at 02:45 PM ---------- I know clearly not losing data during a failed move or copy is a big pro, correct? Let's build off of... (8 Replies)
Discussion started by: glev2005
8 Replies

LEARN ABOUT HPUX

pam_user.conf

pam_user.conf(4)					     Kernel Interfaces Manual						  pam_user.conf(4)

NAME

       pam_user.conf - user configuration file for pluggable authentication modules

SYNOPSIS

DESCRIPTION

       is  the user configuration file for the Pluggable Authentication Module architecture, or PAM.  It is not designed to replace the PAM system
       configuration file, For PAM to work properly, is mandatory (see pam.conf(4)).  is optional.  It is used only when a user  basis	configura-
       tion is needed.	It mainly specifies options to be used by service modules on a user basis.

       The  options  defined  in  indicate the default for users who are not configured in or if the module type is not configured for some users.
       For the configuration in to take effect, needs to configure service module (see pam.conf(4)).

   Simplified pam_user.conf Configuration File
       The file contains a listing of login names.  Each login name is paired with a corresponding service module with or without  options  speci-
       fied.  Each entry has the following format:

	      login_name module_type module_path options

       Below is an example of the configuration file.

       tom    auth     /usr/lib/security/$ISA/libpam_unix.so.1	debug use_psd
       tom    auth     /usr/lib/security/$ISA/libpam_dce.so.1	use_first_pass
       tom    account  /usr/lib/security/$ISA/libpam_unix.so.1	use_psd
       tom    account  /usr/lib/security/$ISA/libpam_dce.so.1	try_first_pass

       susan  auth     /usr/lib/security/$ISA/libpam_unix.so.1
       susan  auth     /usr/lib/security/$ISA/libpam_dce.so.1	try_first_pass

       The  login_name	denotes  the  login  name  of  a user (for example, For detailed information on module_type, module_path, and options, see
       pam.conf(4).

       The first entry indicates that when the UNIX authentication is invoked for the options and will be used.  The second entry  indicates  that
       when the DCE authentication is invoked for the option will be used.  The module type is not configured for therefore, the options will take
       effect.	For those users who are not configured, the options apply.

   Notes
       If an error is found in an entry due to invalid login_name or module_type, then the entry is ignored.  If there are no  valid  entries  for
       the given module_type, the PAM framework ignores and reads the configuration in

EXAMPLES

       The following is a sample configuration file.  Lines that begin with the symbol are treated as comments, and therefore ignored.

       #
       # PAM user configuration
       #

       # Authentication management
       john   auth  /usr/lib/security/$ISA/libpam_unix.so.1
       john   auth  /usr/lib/security/$ISA/libpam_inhouse.so.1	try_first_pass

       david  auth  /usr/lib/security/$ISA/libpam_unix.so.1	use_psd
       david  auth  /usr/lib/security/$ISA/libpam_inhouse.so.1	try_first_pass

       susan  auth  /usr/lib/security/$ISA/libpam_unix.so.1	use_psd
       susan  auth  /usr/lib/security/$ISA/libpam_inhouse.so.1	try_first_pass

       # Password management
       john   password	/usr/lib/security/$ISA/libpam_unix.so.1
       david  password	/usr/lib/security/$ISA/libpam_unix.so.1     use_psd
       susan  password	/usr/lib/security/$ISA/libpam_unix.so.1     use_psd

SEE ALSO

       pam(3), pam.conf(4).

																  pam_user.conf(4)
All times are GMT -4. The time now is 10:46 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy