Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Security hardening for standard HP-UX users
Operating Systems HP-UX Security hardening for standard HP-UX users Post 303008387 by Peasant on Thursday 30th of November 2017 11:37:46 PM
Old 12-01-2017
/etc/shadow does not exist by default on HPUX system.

It is an additional install, and it should be done to harden the security, if required.
Otherwise, any user on the system can copy the /etc/passwd file and brute force the hashes.

You do not want to change those system users shell or anything else.
This is not a security issue nor it should be considered one since those users do not have a password defined.

Hope that helps
Regards
Peasant.
 

5 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Security Issue with Standard Input?

Hi Gang, Running a script in AIX 5.3. Users wanted me to add a "confirm you want to run script, enter 'y' or 'n'" kind of thing... here is what I came up with: #!/bin/sh myfile=`basename "$1"` dateNow=`date "+%m.%d.%Y.%H.%M.%S"` # Get current date mydatedfile=$myfile.$dateNow... (2 Replies)
Discussion started by: yall
2 Replies

2. Solaris

Hardening Solaris

What do we need to do to harden a freshly installed solaris OS? like disable telnet, no ftp for root etc...What all services you need to stop? How to check what ports are open? etc etc....please provide all tips that come to your mind...thanks:) (5 Replies)
Discussion started by: rcmrulzz
5 Replies

3. Shell Programming and Scripting

standard error to standard out question

Hi there how can i get the result of a command to not give me its error. For example, on certain systems the 'zfs' command below is not available, but this is fine becaues I am testing against $? so i dont want to see the message " command not found" Ive tried outputting to /dev/null 2>&1 to no... (5 Replies)
Discussion started by: hcclnoodles
5 Replies

4. UNIX for Dummies Questions & Answers

Redirect Standard output and standard error into spreadsheet

Hey, I'm completely new at this and I was wondering if there is a way that I would be able to redirect the log files in a directories standard output and standard error into and excel spreadsheet in anyway? Please remember don't use too advanced of terminology as I just started using shell... (6 Replies)
Discussion started by: killaram
6 Replies

5. UNIX for Dummies Questions & Answers

Pop the users one by one in sudo cat /etc/security/user

Hi Everyone, When I runthe query in ssh shell sudo cat /etc/security/user , I see half of the users cut down from the display screen. what I want to do is using the somthing like "pop" that when I hit the enter key every time the screen should move to the next user? does some one has any idea how... (4 Replies)
Discussion started by: starter2011
4 Replies

LEARN ABOUT CENTOS

git-shell

GIT-SHELL(1)							    Git Manual							      GIT-SHELL(1)

NAME

       git-shell - Restricted login shell for Git-only SSH access

SYNOPSIS

       chsh -s $(command -v git-shell) <user>
       git clone <user>@localhost:/path/to/repo.git
       ssh <user>@localhost

DESCRIPTION

       This is a login shell for SSH accounts to provide restricted Git access. It permits execution only of server-side Git commands implementing
       the pull/push functionality, plus custom commands present in a subdirectory named git-shell-commands in the user's home directory.

COMMANDS

       git shell accepts the following commands after the -c option:

       git receive-pack <argument>, git upload-pack <argument>, git upload-archive <argument>
	   Call the corresponding server-side command to support the client's git push, git fetch, or git archive --remote request.

       cvs server
	   Imitate a CVS server. See git-cvsserver(1).

       If a ~/git-shell-commands directory is present, git shell will also handle other, custom commands by running "git-shell-commands/<command>
       <arguments>" from the user's home directory.

INTERACTIVE USE

       By default, the commands above can be executed only with the -c option; the shell is not interactive.

       If a ~/git-shell-commands directory is present, git shell can also be run interactively (with no arguments). If a help command is present
       in the git-shell-commands directory, it is run to provide the user with an overview of allowed actions. Then a "git> " prompt is presented
       at which one can enter any of the commands from the git-shell-commands directory, or exit to close the connection.

       Generally this mode is used as an administrative interface to allow users to list repositories they have access to, create, delete, or
       rename repositories, or change repository descriptions and permissions.

       If a no-interactive-login command exists, then it is run and the interactive shell is aborted.

EXAMPLE

       To disable interactive logins, displaying a greeting instead:

       +

	   $ chsh -s /usr/bin/git-shell
	   $ mkdir $HOME/git-shell-commands
	   $ cat >$HOME/git-shell-commands/no-interactive-login <<EOF
	   #!/bin/sh
	   printf '%s
' "Hi $USER! You've successfully authenticated, but I do not"
	   printf '%s
' "provide interactive shell access."
	   exit 128
	   EOF
	   $ chmod +x $HOME/git-shell-commands/no-interactive-login

SEE ALSO

       ssh(1), git-daemon(1), contrib/git-shell-commands/README

GIT

       Part of the git(1) suite

Git 1.8.3.1							    06/10/2014							      GIT-SHELL(1)
All times are GMT -4. The time now is 03:00 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy