Visit Our UNIX and Linux User Community


changing password


 
Thread Tools Search this Thread
Operating Systems Solaris changing password
# 1  
Old 07-06-2004
changing password

Hi

Someone logged on the system with a Normal user and changed the password , for this user , how can i know ? who changed the password from which terminal ?

regards

Georges
# 2  
Old 07-06-2004
Hi,

I am not sure if I understood your question right ... but if you mean how you can see when a user changed his password and where, you can/should do two things.

The first thing, which is necessary anyway for a user system, is to monitor the passwd/shadow files ... Then you see when something changed.
An to see where the password was changed you could activate/configure the accounting on the machine.

But why do you want to know this ?

regards
malcom
# 3  
Old 07-06-2004
Hi

I am the system administrator on a unix machine , there is a user called "tabs" , someone changed the password for this user , the root password is only with me .

the question is , how can i know who changed the password , i need some information for who changed the password ( IP address , Terminal , .......)


i found the following messages in /var/adm/messages

Jul 2 09:21:13 Billtest last message repeated 1 time
Jul 2 09:22:06 Billtest login: [ID 376080 auth.crit] change password failure: A
uthentication token manipulation error
# 4  
Old 07-08-2004
itsgeorge,

If this is just on one machine, you can look at the shadow or passwd file to see when it was last change. This would give you the time in which it was change. If he/she log on as tabs and change the password, there is no way for you to know who did it. If the user had log on as himself and the su to tabs, then your log should show when someone change to tabs ( look at around the same time frame that the passwd fiel was change). If you have a main server that handles the passwd file then I would use command last and look at around the same time frame that the file was change to see who log on. I think over all you can get the time it was change but can only get close to the person, unless you had install some security script or program to handle this.
# 5  
Old 07-09-2004
Hi there

thanks for your reply , i appreciate it

i will see how can i install some scripts for that .

Regards
george
# 6  
Old 07-09-2004
You can also look at /var/log/syslog - it may already show what connections were made to the server from where - check through the output from the last command to corrdinate times of who logged in when and from where.

Previous Thread | Next Thread
Test Your Knowledge in Computers #203
Difficulty: Medium
Perl is not an interpreted language.
True or False?

10 More Discussions You Might Find Interesting

1. AIX

Changing root password

I want to change the root password on an AIX box. What is the best method to do this so i do not get myself locked out. When I do i search the results come up for resetting the password if you are locked out. Thanks (5 Replies)
Discussion started by: fierfek
5 Replies

2. Shell Programming and Scripting

password changing

Hi all Im trying to learn the basics of bash and am struggling with some file manipulation. I am trying to run a script that once you have logged in allows you to change your password which is held (along with the corresponding username) in a different file called usernames. When i try to run my... (2 Replies)
Discussion started by: somersetdan
2 Replies

3. UNIX for Advanced & Expert Users

Changing the password prompt

Is there any way I can change the prompt which asks for the password on a UNIX system? e.g. When I login using Telnet instead of "Password" I should get "Correct Password". Thanks, Vineet (3 Replies)
Discussion started by: vineetd
3 Replies

4. Solaris

Solaris user changing password

i created 1 user . Now its passwd time period get expired. Now how can I set password for that user. Also how can I set a condition such a way that after every 3 months user must change his passwd. (5 Replies)
Discussion started by: ajitkraj
5 Replies

5. Linux

Problem changing user password

Hi all, I'm having an issue resetting an Linux user password. As root, I type 'passwd <username>, enter the new password, but the user is still Access Denied. Can someone assist me in figuring this one out? The box is running "Linux trm62 2.4.21-15.ELsmp #1 SMP Thu Apr 22 00:18:24 EDT 2004... (6 Replies)
Discussion started by: bbbngowc
6 Replies

6. Solaris

Changing Password in NIS

Friends I want to know whether i can change the password of a user logged in thru NIS from a client machine after stopping the YP services in NIS server. Note - The Slave server is up and running. I tried doing this. But i got the reply "Permission Denied". I stopped the YP services in... (7 Replies)
Discussion started by: efunds
7 Replies

7. HP-UX

Changing root password

I have two unix system A and B with same configuration. I can use remsh from A system login to B system as root, but when I want to change the root password of B system, it ask me the old password, but i forgot it. However, is it possible to change the B system root password? :( Thanks a lot (3 Replies)
Discussion started by: zetadhell
3 Replies

8. AIX

changing user password

I have 02 servers: - Linux RHEL AS 3 (server1) - AIX 5.2 (server2) Running the command rsh server2 passwd derje from the server1 to change derje user password on server2, give me this error: 3004-709 Error while changing the password for "derje" Can somebody help me ? (0 Replies)
Discussion started by: mayge
0 Replies

9. UNIX for Dummies Questions & Answers

Changing password is to short ?

Hello im trying to change the user password with passwd but when I enter the password it gives me this msg: passwd: Password too short - must be at least 6 characters. BUT the thing is that the initial password was 4 letters why now it asking for 6 ? tnx (2 Replies)
Discussion started by: umen
2 Replies

10. UNIX for Dummies Questions & Answers

Password Changing With NIS

SCO OpenServer 5.05 Has anyone ever received this error when attempting to change/assign a user password? #ypasswd ======================================= yppasswd: (host name) is not running yppasswd daemon Password request denied. Reason: Remote password change request denied.... (2 Replies)
Discussion started by: gseyforth
2 Replies

Featured Tech Videos