Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: clear passwd history without ...
Top Forums UNIX for Advanced & Expert Users clear passwd history without ... Post 73093 by RTM on Friday 27th of May 2005 09:47:45 AM
Old 05-27-2005
Warning: this is my opinion.

Quote:
clear passwd history of a user without compromising the audit trail for security
You can't - you are talking about changing your security for a user because of his/her issues with remembering a new password. I'm sure the savvy hacker can act just as dumb as a non-savvy user to get by your security measures if you start making exceptions for folks that can't make up a new password.

Give him/her a pad of paper and pencil and take away the computer.

(END RANT)
Please post the OS and version and any 3rd party security software you might be using - then an appropriate answer can hopefully be given to allow this.
 

10 More Discussions You Might Find Interesting

1. Solaris

Passwd History in Solaris 8

How to set passwd history feature in Solaris 8 to stop users from using their old passwords? (4 Replies)
Discussion started by: amoorti
4 Replies

2. UNIX for Dummies Questions & Answers

how to clear history

Hi... i have one doubt pls... 1)can we clear the command line history in UNIX for a paricular login(scadm/root)if so how?. 2) can we see the time at which command executed. history is showing like : 100 display 101 lock 102 exit (7 Replies)
Discussion started by: gincemathew
7 Replies

3. Solaris

how to clear command history

hi Any one can help me. I am using Sun_Solaris. The command history set to 100 at .cshrc. I am unable to clear the command histoy. In Linux it is very easy by giving command history -c I could not find any such type command to clear the history. Is there any such type of command for solaris.... (3 Replies)
Discussion started by: prabir
3 Replies

4. Shell Programming and Scripting

How to clear history logs of all terminal sessions

Hi, I would normally clear off the history entries from a terminal by using the following commands: > ~/.bash_history history -c But this will remove the entries of that particular session only. How to prune all the entries of all login sessions for a particular user in a system? N.B:... (3 Replies)
Discussion started by: royalibrahim
3 Replies

5. UNIX for Dummies Questions & Answers

How to clear history in Linux

Hello All, Good Morning. I am trying to erase history list in my linux box, but my below command is failing. What is the actual way to clear it? > history clear -bash: history: clear: numeric argument required Also when I run my commands in my command prompt, my team lead can see my... (7 Replies)
Discussion started by: NARESH1302
7 Replies

6. Solaris

passwd cmd reenables passwd aging in shadow entry

Hi Folks, I have Solaris 10, latest release. We have passwd aging set in /etc/defalut/passwd. I have an account that passwd should never expire. Acheived by emptying associated users shadow file entries for passwd aging. When I reset the users passwd using passwd command, it re enables... (3 Replies)
Discussion started by: BG_JrAdmin
3 Replies

7. Shell Programming and Scripting

how to clear history in ksh?

I want to clear the history so that no one should be able to see what commands I gave in the AIX OS level. I tried using history -c , ~/.sh_history, but they aren't working :wall: Please tell me the command in ksh which can clear all the previous history? (4 Replies)
Discussion started by: lg123
4 Replies

8. AIX

When did AIX start using /etc/security/passwd instead of /etc/passwd to store encrypted passwords?

Does anyone know when AIX started using /etc/security/passwd instead of /etc/passwd to store encrypted passwords? (1 Reply)
Discussion started by: Anne Neville
1 Replies

9. Shell Programming and Scripting

Clear history in ksh

Hi Am using ksh shell I need to remove history of commands used.. I tried # rm .vi_history # touch .vi_history # chmod 600 .vi_history This didnt work.. I tried also # rm .sh_history # touch .sh_history # chmod 600 .sh_history (5 Replies)
Discussion started by: Priya Amaresh
5 Replies

10. UNIX for Dummies Questions & Answers

[Solved] How to clear "history" command entries??

As in the title, how to clear the history entries? For eg: if i enter history, series of linux commands getting displayed from day 1. I need to clear those entries and want linux commands to be stored freshly. Thanks in advance (6 Replies)
Discussion started by: karthick nath
6 Replies

LEARN ABOUT OSF1

secsetup

secconfig(8)						      System Manager's Manual						      secconfig(8)

NAME

       secconfig, secsetup - Security features setup graphical interface (Enhanced Security)

SYNOPSIS

       /usr/sbin/sysman secconfig

       NOTE:  The secsetup utility has been replaced by the secconfig graphical interface.

DESCRIPTION

       The  utility  is  a  graphical interface used to select the level of system security needed.  It can convert from Base to enhanced security
       mode, and configure base and enhanced security features.  If you are using secconfig to enable  Enhanced  security,  you  must  first  have
       loaded the enhanced security subsets.

       You can run while the system is in multiuser mode.  However, if you change the security level, the change is not completed until you reboot
       the system.

       For both base and enhanced security, the secconfig utility allows you to enable segment sharing, to enable access control lists (ACLs), and
       to restrict the setting of the execute bit to root only.

       For enhanced security, the secconfig utility additionally allows you to configure security support from simple shadow passwords all the way
       to a strict C2 level of security.  Shadow password support is an easy method for system administrators, who do not wish to use all  of  the
       extended  security features, to move each user's password out of /etc/passwd and into the extended user profile database (auth.db.  You can
       use the Custom mode if you wish to select additional security features, such as breakin detection and evasion, automatic database trimming,
       and password controls.

       When  converting from base to enhanced security, secconfig updates the system default database (/etc/auth/system/default) and uses the con-
       vuser utility to migrate user accounts.

       While it is possible to convert user accounts from enhanced back to base, the default encryption algorithms and supported password  lengths
       differ between base and enhanced security, and thus user account conversions do not succeed without a password change.

       NOTE: Because of the page table sharing mechanism used for shared libraries, the normal file system permissions are not adequate to protect
       against unauthorized reading.  The secconfig interface allows you to disable segment sharing.  The change in segment sharing  takes  effect
       at the next reboot.

FILES

RELATED INFORMATION

       acl(4), authcap(4), default(4), convuser(8),
       Security delim off

																      secconfig(8)
All times are GMT -4. The time now is 02:32 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy