General discussion

Locked

password acceptance

By chilcotewc ·
Is there a tool that will automatically tell you if the password you have added for a user in HP-UX or Sun Solaris is within the correct parameters for security reasons?

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

password acceptance

by cavedweller In reply to password acceptance

I'm not at my solaris system now so I can't check this for accuracy. Usually you can edit /etc/default/passwd and set password parameters. (it might be /etc/default/login instead). Can you set the required parameters so that they meet your security rules? That depends on your rules.

Collapse -

password acceptance

by chilcotewc In reply to password acceptance

The question was auto-closed by TechRepublic

Collapse -

password acceptance

by cpfeiffe In reply to password acceptance

On HP-UX make your system secure (SAM GUI can do this). After you set your parameters you won't be able to create a password outside of the parameters unless you take your system out of secure mode. Solaris will act the same way if you set any parameters in /etd/default/login.

Collapse -

password acceptance

by chilcotewc In reply to password acceptance

The question was auto-closed by TechRepublic

Collapse -

password acceptance

by ghislain.levesque In reply to password acceptance

On Solaris system, edit this file:
/etc/default/passwd in there you have 3 settings.
MINWEEKS=Minimum time period before the password can be changed.

PASSLENGTH=Minimum length of password, in characters.

MAXWEEKS= Maximum weeks before expiration


Under HP-UX use SAM to set these options...

Collapse -

password acceptance

by chilcotewc In reply to password acceptance

The question was auto-closed by TechRepublic

Collapse -

password acceptance

by insatiable In reply to password acceptance

I'm also a .mil :-)

There are security guides, called STIGs for those operating systems. They tell you what the min, max, and default password length should be, among other things, to make your system compliant (to security rules)

You can also use a security tool, crack, to see if it can "crack" the passwords to see if anyone is using something too easy on your system, that dictionary password cracking software would be able to guess.

If you need more information, feel free to emailme for the URLs.
Good luck!!

Collapse -

password acceptance

by chilcotewc In reply to password acceptance

The question was auto-closed by TechRepublic

Collapse -

password acceptance

by chilcotewc In reply to password acceptance

This question was auto closed due to inactivity

Back to Linux Forum
9 total posts (Page 1 of 1)  

Related Discussions

Related Forums