[HPADM] Summary: where's password stored in enhanced security (equivalent of /etc/shadow)

From: "sunhux G" <sunhux@xxxxxxxxx>
Date: Sun, 16 Nov 2008 15:38:31 +0800

Thanks to Dmitriy Stoyanov & Jim Turner, their replies are appended below
=============================================================

Enchanced security, enable other type of store user password and save it's
in files /tcb/files/auth/*/* with creating directories by first symbol of
usernames and files in that directories by username.

so I'll backup the entire subdirectory /tcb/files/auth/... & if I want
back the old password, restore back this entire subdirectory (or possibly
one of the subdirectory that's related to this account/id

=============================================================

If by "enhanced security" you mean "trusted system", the passwords and lots
of other important account info is in the /tcb/files/auth/ tree. From
there, the next dir is the first letter of the account name like "r" for
root.

# pwd
/tcb/files/auth/r

# ll
total 16
-rw-rw-r-- 1 root root 149 Nov 14 06:11 root

# cat root
root:u_name=root:u_id#0:\
:u_pwd=/axuoQ5zvkh1s:\
:u_bootauth:u_auditid#0:\
:u_auditflag#1:\
:u_pswduser=root:u_suclog#1226664687:u_lock@:chkent:

On Fri, Nov 14, 2008 at 3:35 PM, sunhux G <sunhux@xxxxxxxxx> wrote:

Hi,

I'm about to reset the password of a critical account (which I do
not know the current password) but I'm worried that changing
the password may affect jobs that may have hardcoded the
password somewhere.

For a non-enhanced security Unix, I would take a backup of
/etc/shadow, change the password & if there's problem with
jobs, I can always revert back to the old password by restoring
back /etc/shadow.

I do not know which jobs (if any) uses this account as I just
inherited this system.

Anyone know where in HP UX B11.23 enhanced security is
the password stored so that I can take a backup or let me
know any alternate solution/workaround to my problem here

Thanks
U

Follow-Ups:
- [HPADM] unsubscribe
  - From: Arturo Matiz

Prev by Date: [HPADM] unsubscribe
Next by Date: [HPADM] unsubscribe
Previous by thread: [HPADM] where's password stored in enhanced security (equivalent of /etc/shadow)
Next by thread: [HPADM] unsubscribe
Index(es):
- Date
- Thread

Relevant Pages

Risks Digest 25.73
... German electronic health card system failure ... Risks of the Cloud: Liquid Motors ... Oakland 2010, IEEE Symposium on Security and Privacy, CFP ... A friend's facebook account was hacked recently (a neat little short-term ...
(comp.risks)
Re: MBSA, Office Update, Versions, Failures
... I apologize for posting this to three groups (MBSA, Windows Update, ... with Domain User account. ... Microsoft Baseline Security Advisor (? ... Office 2000 Security Patches - Red X's, ...
(microsoft.public.officeupdate)
Re: write with cURL
... you can stop making excuses. ... up an account for you, process the billing, etc. ... possible features from a web site to make up for the security issues. ... Nothing you have told me shows me you know how to lock down a server ...
(alt.php)
Re: Basic Authentication fails with Error 401.2 where Integrated s
... On the IIS directory security tab, anonymous access is disabled, digest ... authentication is disabled, integrated authentication is disabled and basic ... account created has full permissions for the folder and the file that's in it. ...
(microsoft.public.inetserver.iis.security)
[NEWS] Vulnerability Enables Passport Account Hijackings (No Secret Question)
... Beyond Security in Canada ... to promote the most advanced vulnerability assessment solutions today. ... A newly disclosed vulnerability could enable attackers to reset the ... who needs to reset his account password can be manipulated by attackers on ...
(Securiteam)