Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Security hardening for standard HP-UX users
Operating Systems HP-UX Security hardening for standard HP-UX users Post 303008223 by rbatte1 on Wednesday 29th of November 2017 05:21:54 AM
Old 11-29-2017
I agree. Have a look at /etc/shadow or wherever the credentials files are held (somewhere down /tcb/auth/files ?) where there is a file for each user. If the password is *LK* or something else that is not a random 13 character string, then they can't be logged onto anyway. In theory someone with super-user privilege could su to them without needing a password, but then they would have all privileges already.



Robin
 

5 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Security Issue with Standard Input?

Hi Gang, Running a script in AIX 5.3. Users wanted me to add a "confirm you want to run script, enter 'y' or 'n'" kind of thing... here is what I came up with: #!/bin/sh myfile=`basename "$1"` dateNow=`date "+%m.%d.%Y.%H.%M.%S"` # Get current date mydatedfile=$myfile.$dateNow... (2 Replies)
Discussion started by: yall
2 Replies

2. Solaris

Hardening Solaris

What do we need to do to harden a freshly installed solaris OS? like disable telnet, no ftp for root etc...What all services you need to stop? How to check what ports are open? etc etc....please provide all tips that come to your mind...thanks:) (5 Replies)
Discussion started by: rcmrulzz
5 Replies

3. Shell Programming and Scripting

standard error to standard out question

Hi there how can i get the result of a command to not give me its error. For example, on certain systems the 'zfs' command below is not available, but this is fine becaues I am testing against $? so i dont want to see the message " command not found" Ive tried outputting to /dev/null 2>&1 to no... (5 Replies)
Discussion started by: hcclnoodles
5 Replies

4. UNIX for Dummies Questions & Answers

Redirect Standard output and standard error into spreadsheet

Hey, I'm completely new at this and I was wondering if there is a way that I would be able to redirect the log files in a directories standard output and standard error into and excel spreadsheet in anyway? Please remember don't use too advanced of terminology as I just started using shell... (6 Replies)
Discussion started by: killaram
6 Replies

5. UNIX for Dummies Questions & Answers

Pop the users one by one in sudo cat /etc/security/user

Hi Everyone, When I runthe query in ssh shell sudo cat /etc/security/user , I see half of the users cut down from the display screen. what I want to do is using the somthing like "pop" that when I hit the enter key every time the screen should move to the next user? does some one has any idea how... (4 Replies)
Discussion started by: starter2011
4 Replies

LEARN ABOUT OPENDARWIN

pwconv

pwconv(1M)						  System Administration Commands						pwconv(1M)

NAME

       pwconv - installs and updates /etc/shadow with information from /etc/passwd

SYNOPSIS

       pwconv

DESCRIPTION

       The pwconv command creates and updates /etc/shadow with information from /etc/passwd.

       pwconv relies on a special value of 'x' in the password field of /etc/passwd. This value of 'x' indicates that the password for the user is
       already in /etc/shadow and should not be modified.

       If the /etc/shadow file does not exist, this command will create /etc/shadow with  information  from  /etc/passwd.  The	command  populates
       /etc/shadow  with  the  user's  login  name,  password,	and  password  aging  information. If password aging information does not exist in
       /etc/passwd for a given user, none will be added to  /etc/shadow. However, the last changed information will always be updated.

       If the  /etc/shadow file does exist, the following tasks will be performed:

		Entries that are in the  /etc/passwd file and not in the /etc/shadow file will be added to the /etc/shadow file.

		Entries that are in the  /etc/shadow file and not in the /etc/passwd file will be removed from /etc/shadow.

		Password attributes (for example, password and aging information)  that exist in an /etc/passwd entry will be moved to the  corre-
		sponding entry in  /etc/shadow.

       The pwconv command can only be used by the super-user.

FILES

       /etc/opasswd

       /etc/oshadow

       /etc/passwd

       /etc/shadow

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       passwd(1), passmgmt(1M), usermod(1M), passwd(4), attributes(5)

DIAGNOSTICS

       pwconv exits with one of the following values:

       0	SUCCESS.

       1	Permission denied.

       2	Invalid command syntax.

       3	Unexpected failure.  Conversion not done.

       4	Unexpected failure.  Password file(s) missing.

       5	Password file(s) busy.	Try again later.

       6	Bad entry in /etc/shadow file.

SunOS 5.10							    9 Mar 1993								pwconv(1M)
All times are GMT -4. The time now is 06:24 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy