|
Home > Archive > Unix True 64 > February 2005 > hashed passwords
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Johhny 2005-02-17, 2:47 am |
| Hello,
I have noticed for the first time since starting to use Tru64 that the
passwords are actually stored in the /etc/passwd file rather than say a
/etc/shadow or other file.
I have had a look over the system and found that there is a base and
enhanced security mode. When I enabled enhanced security mode I was
unable to login with SSH with either my user account or root account.
What do I need to do to try and enable hashed passwords and where is
some good documentation on the enhanced/vs/base mode security.
Thanks
J
| |
| Johhny 2005-02-17, 7:52 am |
| http://h30097.www3.hp.com/docs/base...95ETE/TITLE.HTM
Is the document that ive been reading however the one thing im not sure
about is when I goto modify the following :
/etc/auth/system/devassign
Currently its the default and looks like this :
console:v_devs=/dev/console:v_type=terminal:chkent:
local\:0|local\:0.0:v_devs=local\:0,local\:0.0:v_type=xdisplay:chkent:
\:0|\:0.0:v_devs=\:0,\:0.0:v_type=xdisplay:chkent:
\:1|\:1.0:v_devs=\:1,\:1.0:v_type=xdisplay:chkent:
\:0.1:v_devs=\:0.1:v_type=xdisplay:chkent:
*:v_type=terminal:chkent:
*\:*:v_devs=*\:*:v_type=xdisplay:chkent:
What I want to do is enable SSH to come in. Which I assume is
/dev/pts/[0-30]
To allow that do I have to add the following ?
pts/0:v_devs=/dev/pts/[0-9]:\
:v_type=terminal:v_users=root,otheruser1
,otheruser2,test4:\
:chkent:
?
Im assuming that the regular expression may not work?
Any feedback would be great.
| |
| Johhny 2005-02-17, 7:52 am |
| I have also modified the /etc/securettys file to look like this :
# <device name>
/dev/console
/dev/tty00
/dev/pts/0
/dev/pts/1
/dev/pts/2
/dev/pts/3
/dev/pts/4
/dev/pts/5
/dev/pts/6
/dev/pts/7
/dev/pts/8
/dev/pts/9
/dev/pts/10
local:0
:0
but it has done little good.
| |
| Adam Price 2005-02-17, 5:54 pm |
| On 16 Feb 2005 23:51:05 -0800, Johhny wrote:
> Hello,
>
> I have noticed for the first time since starting to use Tru64 that the
> passwords are actually stored in the /etc/passwd file rather than say a
> /etc/shadow or other file.
>
> I have had a look over the system and found that there is a base and
> enhanced security mode. When I enabled enhanced security mode I was
> unable to login with SSH with either my user account or root account.
>
> What do I need to do to try and enable hashed passwords and where is
> some good documentation on the enhanced/vs/base mode security.
>
> Thanks
> J
Which ssh are you using and which version of Tru64? Could you login before?
Did you reboot after you changed security model?
On 5.1b ssh 'just works' with enhanced security.
On earlier version you needed to install an sshd which new about Tru64
security.
You could get such a client by compiling openssh with the correct options
or by downloading a kit from Compaq.
I don't know if the kits are avaiable for old versions these days, but
openssh is certainly still available and can be compiled.
As for the docs, I can see you have now found the security manual, so not
much more I can point you to.
Adam
| |
| Johhny 2005-02-18, 2:48 am |
| Tru64 V5.1B with Patch Kit 4 installed. The SSH daemon is the standard
one that comes with the system.
I think that its to do with the devassign or securettys ?
|
|
|
|
|