10 More Discussions You Might Find Interesting
1. Linux
Recently I have been playing with password ageing and the usage of ssh keys. I have found that if usePAM yes (default) is set in the /etc/ssh/sshd_config file then any password ageing and inactiivity can adversely affect a client with ssh keys.
For example:
Set PASS_MAX_DAYS to 60 in... (5 Replies)
Discussion started by: smurphy_it
5 Replies
2. Solaris
Hi Folks,
I have Solaris 10, latest release.
We have passwd aging set in /etc/defalut/passwd.
I have an account that passwd should never expire. Acheived by emptying associated users shadow file entries for passwd aging.
When I reset the users passwd using passwd command, it re enables... (3 Replies)
Discussion started by: BG_JrAdmin
3 Replies
3. UNIX for Advanced & Expert Users
All,
I enabled PAM and aged a password, but when I login it asks me for the current password then says password unchanged after entering the current password. Is this a bug? My security dept is going to want me to enable password aging and I'm stuck!
Any help on what the issu is?
... (6 Replies)
Discussion started by: markdjones82
6 Replies
4. HP-UX
Is it possible to have shadowed password file without implementing a Trusted System? (3 Replies)
Discussion started by: linuxdude
3 Replies
5. Shell Programming and Scripting
Hi ,
is there anyway of implementing password aging in NIS?
I would say thanks in advance.
Thanks and regards,
HAA (1 Reply)
Discussion started by: HAA
1 Replies
6. Cybersecurity
I have used the system administration management trusted security system and in the process the root password have been changed or lost.
Is there any possible way to recover root status after this incident:( (5 Replies)
Discussion started by: jordanrt
5 Replies
7. UNIX for Dummies Questions & Answers
hi experts
this is regarding password aging
i tried searching forum but i cudnt locate
given a login id,
i would like to determine whether password ageing has been enabled for that
and
for the login id whether password has been expired on a particular point of time
Thanks (4 Replies)
Discussion started by: teletype_error
4 Replies
8. UNIX for Dummies Questions & Answers
If the command passwd -f is used, Users get the below error. I need to force users to change there passwords at initial login. Anyone know what is going on? This is on a Non-Stop UX system
UX:in.login: ERROR: Your password has been expired for too long
UX:in.login: TO FIX: Consult your system... (0 Replies)
Discussion started by: breigner
0 Replies
9. UNIX for Dummies Questions & Answers
Does anyone know how to remove a stanza in the shadow password file if the user account has already been removed on an AIX box? I know it can be done by editing the file itself but I would prefer not to do it that way.
cheers
gizaa (2 Replies)
Discussion started by: gizaa
2 Replies
10. UNIX for Advanced & Expert Users
Vesion 3.8.1 of OpenSSH has been compiled on a Solaris 8 host. I am having difficulties in enabling password aging to work from reading /etc/default/passwd and /etc/shadow.
# passwd -f < user-id > works satisfactorily however once a password ages through due course from the settings in... (1 Reply)
Discussion started by: raylen
1 Replies
pwconv(1M) System Administration Commands pwconv(1M)
NAME
pwconv - installs and updates /etc/shadow with information from /etc/passwd
SYNOPSIS
pwconv
DESCRIPTION
The pwconv command creates and updates /etc/shadow with information from /etc/passwd.
pwconv relies on a special value of 'x' in the password field of /etc/passwd. This value of 'x' indicates that the password for the user is
already in /etc/shadow and should not be modified.
If the /etc/shadow file does not exist, this command will create /etc/shadow with information from /etc/passwd. The command populates
/etc/shadow with the user's login name, password, and password aging information. If password aging information does not exist in
/etc/passwd for a given user, none will be added to /etc/shadow. However, the last changed information will always be updated.
If the /etc/shadow file does exist, the following tasks will be performed:
Entries that are in the /etc/passwd file and not in the /etc/shadow file will be added to the /etc/shadow file.
Entries that are in the /etc/shadow file and not in the /etc/passwd file will be removed from /etc/shadow.
Password attributes (for example, password and aging information) that exist in an /etc/passwd entry will be moved to the corre-
sponding entry in /etc/shadow.
The pwconv command can only be used by the super-user.
FILES
/etc/opasswd
/etc/oshadow
/etc/passwd
/etc/shadow
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
SEE ALSO
passwd(1), passmgmt(1M), usermod(1M), passwd(4), attributes(5)
DIAGNOSTICS
pwconv exits with one of the following values:
0 SUCCESS.
1 Permission denied.
2 Invalid command syntax.
3 Unexpected failure. Conversion not done.
4 Unexpected failure. Password file(s) missing.
5 Password file(s) busy. Try again later.
6 Bad entry in /etc/shadow file.
SunOS 5.10 9 Mar 1993 pwconv(1M)
