02-05-2014 06:10 AM
I have installed PHI & Longpassword on 11.31.
# LongPass11i3 B.11.31.01 HP-UX 11.31 LongPass11i3 Bundle
# LongPass11i3.LongPassword11i3 B.11.31.01 HP-UX 11.31 LongPassword11i3 Product
LongPass11i3.LongPassword11i3.LP-CONF B.11.31.01 LongPassword11i3 Configuration Files
# PHI11i3 B.11.31.02 HP-UX 11.31 Password Hashing Infrastructure
# PHI11i3.SHA11i3 B.11.31.02 HP-UX 11.31 SHA11i3 Product
# PHI11i3.SHA11i3.Manuals Manual Pages and Documentation
PHI11i3.SHA11i3.Manuals.SHA-ENG-A-MAN B.11.31.02 SHA11i3 English Manpages
PHI11i3.SHA11i3.SHA-CONF B.11.31.02 SHA11i3 Configuration Files
I have done a pwconv -v /etc/passwd, /etc/shadow exists.
My /etc/default/security file reads:
I have set myself a 12 character password, yet when I still log in, I can still log in with the first 8 characters.
I have since rebooted, to no affect (I wouldn't expect there to be).
Any ideas Gurus?
02-05-2014 07:22 AM
Enabling long passwords does not change existing passwords. Once you reboot, you can then change the password to a longer one and it should work OK. The extra characters after 8 were silently ignored when originally setting the password without LongPasswords setup.
02-05-2014 07:47 AM
Since the installation and reboot, I have atempted to reset my password. I do successfully do so, but when I log in, I get access denied.
My password meets these criteria:
1 upper case character(s),
1 lower case character(s),
1 digit(s), and
1 special character(s).
So, why can't I login with a password that meets these?
02-05-2014 12:33 PM
The password requirements are only used when you create a new password. If your new password fails the criteria, then the current password will not be changed. If you changed the password after you rebooted, then the new password will work OK.
02-07-2014 07:42 AM
Strange things are happening.
Upon resetting my password to fulfil the criteria, I can get in through telner but access is denied through SSH with the same pw.
Any ideas anyone?
02-08-2014 08:05 AM
Check syslog.log to see what sshd is reporting concerning this user. I am assuming that this is *NOT* the root user that is failing. If it is root, then the default for sshd is to not allow root logins.
02-10-2014 06:37 AM
Feb 7 15:29:13 servername sshd: Failed password for thasan from xxx.xxx.xxx.xxx port nnnnn ssh2
This message appears repeatedly, even whilst using the same password that allowed me, thasan, to access via telnet.
We used putty for telnet and ssh connections.
02-11-2014 01:56 AM
What is the state of the UsePAM option in your sshd configuration file (typically /opt/ssh/etc/sshd_config)?
What is your HP-UX SSH version?
From the installation requirements of the PHI11iv3 package:
To use HP-UX PHI11i3 with SSH, you must install HP-UX Secure Shell A.05.00.26 or later from Software Depot, http://software.hp.com . Also, you must set "UsePAM yes" in /etc/opt/ssh/sshd_config .