Help me (207 Views)
Reply
Occasional Advisor
Alberto J.  Isturiz G.
Posts: 13
Registered: ‎09-17-2003
Message 1 of 13 (207 Views)
Accepted Solution

Help me

we have rp4440 with HP-UX 11i v2 and I need
.- HPUXBase64
.- Security_patches ShadowPassword
Need Help
Advisor
Glen R. Bartlett
Posts: 20
Registered: ‎06-26-2003
Message 2 of 13 (207 Views)

Re: Help me

Mar '06 (11.23 Standard Patch Bundles)
can be downloaded at:

http://www2.itrc.hp.com/service/patch/releasePage.do?BC=patch.breadcrumb.main|patch.breadcrumb.bundle|releaseIndexPage|&releaseId=0603-11.23

Honored Contributor
Scot Bean
Posts: 920
Registered: ‎11-19-2000
Message 3 of 13 (207 Views)

Re: Help me

1. HPUXBase64 does not exist on 11iv2 / 11.23. This is a foundational bundle on every (64-bit) 11iv1 / 11.11 machine.

For 11iv2 / 11.23, this bundle is called HPUXBaseOS.

2. Security patches can be obtained from
- the ITRC patch area as explained above, or
- the 'security_patch_check' command / tool

3. ShadowPassword is an optional product. You can download it for free from the HP Software Depot: http://software.hp.com
Occasional Advisor
Alberto J.  Isturiz G.
Posts: 13
Registered: ‎09-17-2003
Message 4 of 13 (207 Views)

Re: Help me

tks Scot bean,

in the item 3, you say to me that in the Link http://software.hp.com I can dowload the shadowpassword product, ok perfect, but
reviewing the document it says that it requires HP-UX 11,11, is been worth for HP-UX 11i v2 (11.23)
Need Help
Honored Contributor
Mridul Shrivastava
Posts: 980
Registered: ‎01-30-2006
Message 5 of 13 (207 Views)

Re: Help me


There is no download for Shadow Passwords at HP-UX version 11.23 because it is
part of the OS.
This is documented in the HP-UX 11i Version 2 Release Notes:

"The HP-UX 11i v2 release introduces an optional, configurable Shadow Password
feature based on the de facto standard provided by other UNIX flavors,
including Sun Solaris and Linux."

Note: It was backported to 11.11, that is why there was a download for 11.11.
Time has a wonderful way of weeding out the trivial
Occasional Advisor
Alberto J.  Isturiz G.
Posts: 13
Registered: ‎09-17-2003
Message 6 of 13 (207 Views)

Re: Help me

tks Mridul,

where I can locate shadowpassword for HP-UX 11i v2 (11.23), please
Need Help
Honored Contributor
Mridul Shrivastava
Posts: 980
Registered: ‎01-30-2006
Message 7 of 13 (207 Views)

Re: Help me

1. The shadow password file is the classic (and not very secure) method to hide the encrypted passwords to prevent easy access with crack and other password guessing programs. If you have any requirement for a secure system, use Trusted. Not only are the encrypted passwords hidden from users, but you have a very large number of controls available for password choices and other security features. Trusted is much better than shadow passwords.

2. PAM is the authentication method for 11i and higher. Version 11.00 implemented some authentication with PAM but the conversion is complete only in 11i. /etc/security does not exist in HP-UX. The file is /etc/default/security and has almost no effect for a standard system, a few controls are active in a shadow password system, and virtually all the lines are available in a Trusted system. Use the command:

man security

to read about this file. The man page for pam (and related pam subjects) gives information on how to integrate other modules...I have no idea if pam_cracklib will work on HP-UX. A search of the net shows a few experiments but no solid directions on how to set it up. If you use a PAM module, it will override the built-in Trusted system features for password format. SAM can configure many of your password policies both at the user level as well at the system level. The /etc/default/security and the values listed in SAM for system and users all work together.

3. Single user mode can require a password. Since single user mode is unlike a normal Unix environment, there are no users (directories like /usr and /home are unmounted) so there is only one login possible: root. As far as getting into single user mode, the commands init s and shutdown 0 do not reach single user mode. Only a complete reboot and interaction during the boot process will get to single user mode. Naturally, there is no networking during bootup and in single user mode so all of this must take place on the real console. Only root users are allowed to shutdown the machine unless you have made special provisions in /etc/shutdown.allow file.

4. As mentioned, su always logs it's activities and always creates the sulog file if it does not exist. However, su is not the tool of choice for a secure and autdited system. The sudo command (a contributed program) is much preferred.

Pls refer this patch and its fixes etc:
PHSS_30986

Time has a wonderful way of weeding out the trivial
Honored Contributor
Mridul Shrivastava
Posts: 980
Registered: ‎01-30-2006
Message 8 of 13 (207 Views)

Re: Help me

ShadowPasswd download site
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ShadowPassword

For required patch check here
http://h20293.www2.hp.com/portal/swdepot/displayInstallInfo.do?productNumber=ShadowPassword

Hope that helps
Time has a wonderful way of weeding out the trivial
Honored Contributor
Mridul Shrivastava
Posts: 980
Registered: ‎01-30-2006
Message 9 of 13 (207 Views)

Re: Help me

you can also go through the following forum post:
http://forums1.itrc.hp.com/service/forums/bizsupport/questionanswer.do?threadId=965334
Time has a wonderful way of weeding out the trivial
Occasional Advisor
Alberto J.  Isturiz G.
Posts: 13
Registered: ‎09-17-2003
Message 10 of 13 (207 Views)

Re: Help me

shadowpassword

requirements and restrictions
This product requires HP-UX 11.11.


I need shadowpassword for HP-UX 11i v2 (11.23), exists?,please
Need Help
Acclaimed Contributor
James R. Ferguson
Posts: 21,184
Registered: ‎07-06-2000
Message 11 of 13 (206 Views)

Re: Help me

Hi Alberto:

Shadow Passwords are intrinsically part of 11.23. It is not an add-on product. See chapter-7 of the 11.23 release notes:

http://www.docs.hp.com/en/5990-6737/5990-6737.pdf

Regards!

...JRF...
Honored Contributor
Mridul Shrivastava
Posts: 980
Registered: ‎01-30-2006
Message 12 of 13 (206 Views)

Re: Help me

check the man pages for pwconv.
This is used for converting to shadow password.
Time has a wonderful way of weeding out the trivial
Occasional Advisor
Alberto J.  Isturiz G.
Posts: 13
Registered: ‎09-17-2003
Message 13 of 13 (206 Views)

Re: Help me

thanks a lot, we will deal with all this information and to solve with the client

Alberto J. Isturiz G.
Need Help
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.