02-06-2012
Quote:
I'm still not sure what being 'trusted' gives me. It just was already 'trusted' when I got given the opportunity to take it on (i.e. dumped with it) Does untrusted just mean that the passwords are stored (encrypted) in /etc/passwd field 2 so there is a risk that someone might peek and then decipher them? Will I lose the complexity/history rules for passwords or something else perhaps? I will be delighted if it doesn't re-prompt for the old password when I've just typed it in, and as for that generating a next password malarky, no thanks. All users, be they IT or not, hate it too.
To read about "untrused", just see "man passwd". You will lose complexity and history rules. The "root" user will not need to know an old password. Passwords will be stored encrypted in /etc/passwd, but there is no direct unencryption method beyond brute force by a "root" user.
Keep some sessions logged in as "root" if you make this change. I recall that all existing user passwords were lost during the change from "trusted" to "untrusted" and that every user needed a password reset. Don't know if this has been fixed. HP Openview stopped working and need a re-install.
The "sudo" command is not a HP-UX command. It is 3rd-party software which administrators elect to use in order to bypass "trusted" security. No guarantee that it would continue to work unchanged.
I can't see how changing from "trusted" to "untrusted" will fix your application problem.
As others advise, make a full Disaster Recovery backup before considering this change.
10 More Discussions You Might Find Interesting
1. HP-UX
I was playing with sam and i turned on the Trusted System feature (UX11i).
Now i cant log onto it anymore, i can ping it, but icant telnet, rlogin or login at the login screen.
I dont want to reboot my machine because i am affraid it wont boot and ask for a password. My root password is not... (1 Reply)
Discussion started by: Netghost
1 Replies
2. Solaris
hi i have created a pool using zpool command for my /dev/dsk/c1d0s3 disk.
The poolname is qwertyuiopasdfghjklmnbvcxzzxcvbnmasdfghjklqwertyuiopoiuytrewqasdfghjklkjhgfdsazxcvbnmmnbnbcxczxzassd
ddddvfhfghgjjgjhgkhkljfjlhohihiuyuioyguioyguiowyuiogwyuigwrigywuigyguiyuiogyugiyguioyuyguiowygiuygui... (1 Reply)
Discussion started by: SankarV
1 Replies
3. HP-UX
Is it possible to have shadowed password file without implementing a Trusted System? (3 Replies)
Discussion started by: linuxdude
3 Replies
4. Emergency UNIX and Linux Support
Instead of importing a project/folder as
svn import vlsms/ file:///home/repo/vlsms -m "Initial Upload"
I did
svn import vlsms/ file:///home/repo -m "Initial Upload"
How to undo this import (in a clean way,without trace?)
---------- Post updated at 03:10 AM ---------- Previous update was at... (0 Replies)
Discussion started by: johnbach
0 Replies
5. HP-UX
I have a new box that was set up for me and I want to allow telnet to the box as root. I know that it's not secure but due to the nature of what I test I need an easy and reliable way back in if I've messed up the other connection methods(SSH). This is in a protected lab environment. Eventually... (17 Replies)
Discussion started by: gctaylor
17 Replies
6. Linux
Long story short, there was some sort of corruption with my ide and the script I was working on has been over written with nothing (the file is blank now). The IDE doesn't store a back up from what I know (I'm using notepadd++ in wine lol I know I know I'm addictted to the nppftp sidebar and geany... (1 Reply)
Discussion started by: noPermissions
1 Replies
7. UNIX for Advanced & Expert Users
I thought I would share gmail revert to old look permanently. I am sure I am not the only one annoyed by the new look.
Install Stylish extension
Choose the Stylish UserStyle that you want.
I know The Return of Old Gmail and gmail-b2b both work but I prefer gmail-b2b since I think it looks... (0 Replies)
Discussion started by: cokedude
0 Replies
8. UNIX for Advanced & Expert Users
Hi,
I have deleted a file and commited in CVS.
So, is there any CVS command to revert back that deleted file with existing log messages.
--Thanks in advance
Madhu (1 Reply)
Discussion started by: madhuti
1 Replies
9. UNIX for Dummies Questions & Answers
I have given as:
PS1="Karthick>" in linux.
Now the prompt changed as:
Karthick>
Now I need to get back the default prompt .
How to achieve this?
Thanks in advance (13 Replies)
Discussion started by: karthick nath
13 Replies
10. UNIX for Advanced & Expert Users
Hi,
I need to convert few HP-UX (V 11.31) machines from un-trusted to trusted.
I used the HP SMH to do this on one server. However when I click on "Yes" to proceed with the conversion, I get this error :
The attempt to convert this system to a trusted system failed.
The command return value... (2 Replies)
Discussion started by: anaigini45
2 Replies
LEARN ABOUT HPUX
putpwent
putpwent(3C) putpwent(3C)
NAME
putpwent() - write password file entry
SYNOPSIS
DESCRIPTION
is the inverse of (see getpwent(3C)). Given a pointer to a structure as created by or writes a line on the stream f, which matches the
format of
ignores the audit ID and audit flag in the structure; and create the corresponding entries used in the protected password database, used
for trusted systems. which produces entries that match the trusted password database file format, must be used to create these entries.
See getprpwent(3).
DIAGNOSTICS
returns non-zero if an error was detected during its operation; otherwise it returns zero.
WARNINGS
HP-UX 11i Version 3 is the last release to support trusted systems functionality.
FILES
System Password file
SEE ALSO
getpwent(3C), getprpwent(3), passwd(4), prpwd(4), stdio(3S), fopen(3S), thread_safety(5).
STANDARDS CONFORMANCE
putpwent(3C)