Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: HP-UX revert from trusted system to default
Operating Systems HP-UX HP-UX revert from trusted system to default Post 302595574 by rbatte1 on Friday 3rd of February 2012 12:27:45 PM
Old 02-03-2012
Thanks for the input vbe.

The good news is that the root password is not known and not required except in an emergency, so would only be on the console anyway (frequently changed by Security and stored in a file on another server). Administrative updates requiring super-user privilieges are scripted with sudo rules - and the system managers (of which I am one of five) have the wonderful ability to sudo su - to do anything that isn't 'normal'

I'm still not sure what being 'trusted' gives me. It just was already 'trusted' when I got given the opportunity to take it on (i.e. dumped with it) Does untrusted just mean that the passwords are stored (encrypted) in /etc/passwd field 2 so there is a risk that someone might peek and then decipher them? Will I lose the complexity/history rules for passwords or something else perhaps? I will be delighted if it doesn't re-prompt for the old password when I've just typed it in, and as for that generating a next password malarky, no thanks. All users, be they IT or not, hate it too.


We're not public facing, so I'm not too worried about intrusion (dare I trust my network team?) but if my Security Manager will kill me for even suggesting it, it would be good to know what we're actually giving up, given that I'm trying to improve security on an application for him, after all.


Cheers,
Robin
Last edited by rbatte1; 02-03-2012 at 01:30 PM.. Reason: Correcting my grammer
 

10 More Discussions You Might Find Interesting

1. HP-UX

Trusted system: Please Help.

I was playing with sam and i turned on the Trusted System feature (UX11i). Now i cant log onto it anymore, i can ping it, but icant telnet, rlogin or login at the login screen. I dont want to reboot my machine because i am affraid it wont boot and ask for a password. My root password is not... (1 Reply)
Discussion started by: Netghost
1 Replies

2. Solaris

need zpool to revert...

hi i have created a pool using zpool command for my /dev/dsk/c1d0s3 disk. The poolname is qwertyuiopasdfghjklmnbvcxzzxcvbnmasdfghjklqwertyuiopoiuytrewqasdfghjklkjhgfdsazxcvbnmmnbnbcxczxzassd ddddvfhfghgjjgjhgkhkljfjlhohihiuyuioyguioyguiowyuiogwyuigwrigywuigyguiyuiogyugiyguioyuyguiowygiuygui... (1 Reply)
Discussion started by: SankarV
1 Replies

3. HP-UX

shadowed password file on non-trusted system?

Is it possible to have shadowed password file without implementing a Trusted System? (3 Replies)
Discussion started by: linuxdude
3 Replies

4. Emergency UNIX and Linux Support

Revert SVN import

Instead of importing a project/folder as svn import vlsms/ file:///home/repo/vlsms -m "Initial Upload" I did svn import vlsms/ file:///home/repo -m "Initial Upload" How to undo this import (in a clean way,without trace?) ---------- Post updated at 03:10 AM ---------- Previous update was at... (0 Replies)
Discussion started by: johnbach
0 Replies

5. HP-UX

Enable telnet as root to 11.31 non-trusted system?

I have a new box that was set up for me and I want to allow telnet to the box as root. I know that it's not secure but due to the nature of what I test I need an easy and reliable way back in if I've messed up the other connection methods(SSH). This is in a protected lab environment. Eventually... (17 Replies)
Discussion started by: gctaylor
17 Replies

6. Linux

Is it possible to revert a file after overwriting it ?

Long story short, there was some sort of corruption with my ide and the script I was working on has been over written with nothing (the file is blank now). The IDE doesn't store a back up from what I know (I'm using notepadd++ in wine lol I know I know I'm addictted to the nppftp sidebar and geany... (1 Reply)
Discussion started by: noPermissions
1 Replies

7. UNIX for Advanced & Expert Users

gmail revert to old look permanently

I thought I would share gmail revert to old look permanently. I am sure I am not the only one annoyed by the new look. Install Stylish extension Choose the Stylish UserStyle that you want. I know The Return of Old Gmail and gmail-b2b both work but I prefer gmail-b2b since I think it looks... (0 Replies)
Discussion started by: cokedude
0 Replies

8. UNIX for Advanced & Expert Users

CVS command to revert deleted files

Hi, I have deleted a file and commited in CVS. So, is there any CVS command to revert back that deleted file with existing log messages. --Thanks in advance Madhu (1 Reply)
Discussion started by: madhuti
1 Replies

9. UNIX for Dummies Questions & Answers

Need to revert default prompt in Linux after setting PS1 command

I have given as: PS1="Karthick>" in linux. Now the prompt changed as: Karthick> Now I need to get back the default prompt . How to achieve this? Thanks in advance (13 Replies)
Discussion started by: karthick nath
13 Replies

10. UNIX for Advanced & Expert Users

Converting system to trusted

Hi, I need to convert few HP-UX (V 11.31) machines from un-trusted to trusted. I used the HP SMH to do this on one server. However when I click on "Yes" to proceed with the conversion, I get this error : The attempt to convert this system to a trusted system failed. The command return value... (2 Replies)
Discussion started by: anaigini45
2 Replies

LEARN ABOUT REDHAT

shadow

SHADOW(5)							File Formats Manual							 SHADOW(5)

NAME

       shadow - encrypted password file

DESCRIPTION

       shadow contains the encrypted password information for user's accounts and optional the password aging information.  Included is

	    Login name

	    Encrypted password

	    Days since Jan 1, 1970 that password was last changed

	    Days before password may be changed

	    Days after which password must be changed

	    Days before password is to expire that user is warned

	    Days after password expires that account is disabled

	    Days since Jan 1, 1970 that account is disabled

	    A reserved field

       The  password  field must be filled.  The encryped password consists of 13 to 24 characters from the 64 character alphabet a thru z, A thru
       Z, 0 thru 9, . and /.  Refer to crypt(3) for details on how this string is interpreted.

       The date of the last password change is given as the number of days since Jan 1, 1970.  The password may not be	changed  again	until  the
       proper number of days have passed, and must be changed after the maximum number of days.  If the minimum number of days required is greater
       than the maximum number of day allowed, this password may not be changed by the user.

       An account is considered to be inactive and is disabled if the password is not changed within the specified number of days after the  pass-
       word expires.  An account will also be disabled on the specified day regardless of other password expiration information.

       This information supercedes any password or password age information present in /etc/passwd.

       This file must not be readable by regular users if password security is to be maintained.

FILES

       /etc/passwd - user account information
       /etc/shadow - encrypted user passwords

SEE ALSO

       chage(1), login(1), passwd(1), su(1), passwd(5), pwconv(8), pwunconv(8), sulogin(8)

AUTHOR

       Julianne Frances Haugh (jockgrrl@ix.netcom.com)

																	 SHADOW(5)
All times are GMT -4. The time now is 10:19 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy