HP-UX security Post: 38549

Sponsored Content

Operating Systems HP-UX HP-UX security Post 38549 by salhoub on Saturday 19th of July 2003 07:03:23 AM

07-19-2003

Registered User

HP-UX security

Which one of the following does HP-UX 11.X support ?and which tool can support ?

1. Should be encrypted
2. Minimum length of 8 characters
3. Should be alpha numeric
4. Expiry period of maintainable parameter in no of days/months
5. The number of new passwords that can be used by a user account before an old password can be reused is 6
6. Capability to block the use of some passwords (i.e., easily guessed passwords, passwords based on user-id, passwords containing words from the dictionary)
7. Requires user to log on before changing his password. If a user password expires, the user should not be able to change the expired password, but must instead have an administrator change the password
8. Capability to restrict access to the system based on time and days
9. Capability to log of (Time out) the user after time of inactivity
10. Capability to lock the user account after 3 failed attempts
11. Capability to limit the number of simultaneous sign-on to the system

salhoub

View Public Profile for salhoub

Find all posts by salhoub

LEARN ABOUT HPUX

userdb

userdb(4)						     Kernel Interfaces Manual							 userdb(4)

NAME

       userdb - user database for per-user information

SYNOPSIS

DESCRIPTION

       The  user  database  is	used for storing per-user information.	It consists of the directory and the files within it.  Each file name is a
       two-digit hexadecimal number from to The directory and files are created either at installation time or by the command.

       The per-user information resides in user entries in the database, and consists of any number of pairs, which are used to define the  behav-
       ior  of configurable features.  A per-user value in overrides any corresponding system-wide default configured in the file, as described in
       security(4).

       The file indicates which attributes can be configured with a per-user value in This  list  includes  the  following  attributes	which  are
       described in security(4):

       Allow or do not allow null passwords.

       Audit or do not audit users.

       Maximum number of authentication failures allowed.

       Display or do not display last login information.

       Restrict login time periods.

       Minimum password length.

       Number of simultaneous logins allowed per user.

       Password history depth.
	      Minimum number of lower case characters allowed in a password.

       Minimum number of upper case characters allowed in a password.
	      Minimum number of digit characters allowed in a password.

       Minimum number of special characters allowed in a password.

       Define umask for file creation.

   Notes
       When defining attributes, first configure default values in as described in security(4), and then configure per-user exceptions in the user
       database,

       In addition to the configurable attributes, there are internal attributes that are not user configurable and are normally modified only	by
       programs that enforce system security.  The file indicates which attributes are configurable and which are internal.

       Use the command to verify or fix information in the user database,

       To  disable  the  user database, create a file called This causes all database reads and writes to return an error code indicating that the
       database is disabled and should be ignored.  Note that, if the user database is disabled for a long period and  then  re-enabled,  it  will
       contain stale data.  This can cause unwanted side effects.

WARNINGS

       Use  the command to modify information in Do not use a text editor, because the database contains checksums and other binary data, and edi-
       tors do not follow the file locking conventions that are used to control access to the database.

       NFS mounting this database is not supported.

FILES

       user database
       security defaults configuration file
       security attributes description file

SEE ALSO

       userdbck(1M), userdbget(1M), userdbset(1M), userdb_read(3), security(4).

																	 userdb(4)