HP-UX Security Features - OpenMPE
HP-UX Security Features - OpenMPE
HP-UX Security Features - OpenMPE
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Shadow Password<br />
• De-facto standard to provide a secure local password<br />
storage and password policy<br />
• Allows the password field of a user entry in /etc/passwd to<br />
be hidden from non-privileged users<br />
− Encrypted password is replaced by ‘x’ in /etc/passwd and stored in<br />
the root only readable file /etc/shadow<br />
• Implements password aging policy for users stored in<br />
local /etc/passwd file<br />
− Defaults defined in /etc/default/security file<br />
− Policy parameters:<br />
• PASSWORD_MAXDAYS - maximum number of days that passwords<br />
are valid<br />
• PASSWORD_MINDAYS - minimum number of days before a<br />
password can be changed<br />
• PASSWORD_WARNDAYS - number of days before password<br />
expiration that a user is to be warned that the password must be<br />
changed<br />
Authentication Services<br />
August 26, 2004 128