|
|
Sponsored Content
Top Forums
UNIX for Dummies Questions & Answers
Password last changed
Post 302534608 by Norgaard on Tuesday 28th of June 2011 09:26:25 AM
06-28-2011
Password last changed
Hi,
I am doing an audit and thought I knew what I was doing, but reading through the posts I came into doubt.
On Sun Solaris, I want to know when users last changed their passwords. I have the etc/shadow files and there is a nice field showing this. Except that it is disturbing me somewhat that for example the root password is indicated as having been last changed in 1987 on a computer that was installed in 2011? Some users have apparently never changed their passwords, despite that we have password rules in place, in etc/passwd.
Searching the forums here I found 2 threads dealing with password change logging, but the answer seems to be that there is no trace of last password change and that the login process does not write to the shadow file - and then I'm confused to bits! The man page says that last password change is written to shadow. It also indicates if the last login was successful. I am not talking about accounts marked with LK or NP.
Can somebody tell me the "truth" (and nothing but ...)
Thanks
Norgaard
I am doing an audit and thought I knew what I was doing, but reading through the posts I came into doubt.
On Sun Solaris, I want to know when users last changed their passwords. I have the etc/shadow files and there is a nice field showing this. Except that it is disturbing me somewhat that for example the root password is indicated as having been last changed in 1987 on a computer that was installed in 2011? Some users have apparently never changed their passwords, despite that we have password rules in place, in etc/passwd.
Searching the forums here I found 2 threads dealing with password change logging, but the answer seems to be that there is no trace of last password change and that the login process does not write to the shadow file - and then I'm confused to bits! The man page says that last password change is written to shadow. It also indicates if the last login was successful. I am not talking about accounts marked with LK or NP.
Can somebody tell me the "truth" (and nothing but ...)
Thanks
Norgaard
|
|
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
How can I know users have changed their passwords ? I don't need their password (!) I have to know if they have changed their pass word and when ?
Thank you in advance for any SIMPLE answer. (6 Replies)
Discussion started by: annemar
6 Replies
2. HP-UX
Hi all,
My HP-UX server 11.11 trusted system.
How I know when password was last changed.
Thanks ,
arm_naja (4 Replies)
Discussion started by: arm_naja
4 Replies
3. Shell Programming and Scripting
Hi All,
While installing Red Hat Linux, I tried changing the timezone to Japan for testing.But the timezone was not set to Japan.
I tried other timezones , but they didn't work as well.
I am guessing the problem might be due to some missing rpm.Does anyone has any idea or faced a similar... (1 Reply)
Discussion started by: nua7
1 Replies
4. Shell Programming and Scripting
Hello,
I have to do a script which returns users who have never changed their password from /etc/shadow.
Here is what have I done and I'm not sure if it's ok.
I tried to return just users who doesn;t have password set or are locked.
Can be there other kind of user who never changed the... (3 Replies)
Discussion started by: catalint
3 Replies
5. Red Hat
Hi I am using Fedora 14. I forgot root password of Fedora 14 so I used online help from Fedora website which says by doing rheb silent 1 and then using proper kernel and then using psswd for changing the password I changed it.
But after normal booting GUI I am not able to log-on.
Can anybody plz... (5 Replies)
Discussion started by: nixhead
5 Replies
6. Shell Programming and Scripting
Hi All,
I have to work in the late nights some times for server maintenance and in a hurry to complete I am accidentally changing ownership or permission of directories :(
which have similar names ( /var in root and var of some other directory ).:confused:
Can some one suggest me with the... (1 Reply)
Discussion started by: shiek.kaleem
1 Replies
7. AIX
Hello
i am running AIX 6.1. i recently changed the root password using passwd and pwdadm. while the new password works fine, i am still able to login using the old password. is there anyway this can disabled\fixed
thanks (5 Replies)
Discussion started by: dnlsingh
5 Replies
8. Shell Programming and Scripting
Hi,
I wanted to check when the password of a current user(logged in) has been changed recently.
I tried with the commands like
passwd -s name
logins -x -l username everthingbut it shows not a super user
Which commands will help me.. Kindly help.. Thanks in advance. (3 Replies)
Discussion started by: Pranavi
3 Replies
9. Forum Support Area for Unregistered Users & Account Problems
I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login.
Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies
LEARN ABOUT PHP
d_passwd
d_passwd(4) File Formats d_passwd(4) NAME
d_passwd - dial-up password file SYNOPSIS
/etc/d_passwd DESCRIPTION
A dial-up password is an additional password required of users who access the computer through a modem or dial-up port. The correct pass- word must be entered before the user is granted access to the computer. d_passwd is an ASCII file which contains a list of executable programs (typically shells) that require a dial-up password and the associ- ated encrypted passwords. When a user attempts to log in on any of the ports listed in the dialups file (see dialups(4)), the login program looks at the user's login entry stored in the passwd file (see passwd(4)), and compares the login shell field to the entries in d_passwd. These entries determine whether the user will be required to supply a dial-up password. Each entry in d_passwd is a single line of the form: login-shell:password: where login-shell The name of the login program that will require an additional dial-up password. password An encrypted password. Users accessing the computer through a dial-up port or modem using login-shell will be required to enter this password before gaining access to the computer. d_passwd should be owned by the root user and the root group. The file should have read and write permissions for the owner (root) only. If the user's login program in the passwd file is not found in d_passwd or if the login shell field in passwd is empty, the user must sup- ply the default password. The default password is the entry for /usr/bin/sh. If d_passwd has no entry for /usr/bin/sh, then those users whose login shell field in passwd is empty or does not match any entry in d_passwd will not be prompted for a dial-up password. Dial-up logins are disabled if d_passwd has only the following entry: /usr/bin/sh:*: EXAMPLES
Example 1: Sample d_passwd file. Here is a sample d_passwd file: /usr/lib/uucp/uucico:q.mJzTnu8icF0: /usr/bin/csh:6k/7KCFRPNVXg: /usr/bin/ksh:9df/FDf.4jkRt: /usr/bin/sh:41FuGVzGcDJlw: Generating An Encrypted Password The passwd (see passwd(1)) utility can be used to generate the encrypted password for each login program. passwd generates encrypted pass- words for users and places the password in the shadow (see shadow(4)) file. Passwords for the d_passwd file will need to be generated by first adding a temporary user id using useradd (see useradd(1M)), and then using passwd(1) to generate the desired password in the shadow file. Once the encrypted version of the password has been created, it can be copied to the d_passwd file. For example: 1. Type useradd tempuser and press Return. This creates a user named tempuser. 2. Type passwd tempuser and press Return. This creates an encrypted password for tempuser and places it in the shadow file. 3. Find the entry for tempuser in the shadow file and copy the encrypted password to the desired entry in the d_passwd file. 4. Type userdel tempuser and press Return to delete tempuser. These steps must be executed as the root user. FILES
/etc/d_passwd dial-up password file /etc/dialups list of dial-up ports requiring dial-up passwords /etc/passwd password file /etc/shadow shadow password file SEE ALSO
passwd(1), useradd(1M), dialups(4), passwd(4), shadow(4) WARNINGS
When creating a new dial-up password, be sure to remain logged in on at least one terminal while testing the new password. This ensures that there is an available terminal from which you can correct any mistakes that were made when the new password was added. SunOS 5.10 2 Sep 2004 d_passwd(4)