[EdCert previous] [EdCert next] [EdCert top]

Password protection under HP-UX 10.X

Setting up a trusted system

Under HP-UX 9.X, shadow passwords are implemented with /etc/shadow. With the introduction of HP-UX 10.X, this has changed. The basic system setup no longer includes the use of shadowed passwords. In order to implement more stringent password protection, the system must be converted to a "trusted (secure) system". Converting the system involves running SAM, clicking on "Auditing and Security" and entering y to begin the conversion process.

The conversion program goes through the system makes the following changes:

After the conversion program is finished use swlist -l to verify that SecurityMon, the fileset where audit files are kept, has been in installed. In addition check for /etc/rc.config.d/auditing and /sbin/rc2.d/S760auditing. /etc/rc.config.d/auditing contains the parameters which control auditing. This file may be modified manually or with SAM. /sbin/rc2.d/S760auditing is the script which starts auditing.

Auditing

Once the system has been converted to a trusted system, users will receive a last successful/unsuccessful login message when they log in.

Auditing task can be performed with SAM or from the command line with the following commands:

The system defaults to the following auditing parameters:

It is recommended that a new path be provided for the auxiliary audit log and that it be kept in a separate filesystem from the primary audit log.

The protected password database

After a system is converted to a trusted system, the protected password database files in /tcb/files/auth/ function in much the same manner as the /etc/shadow file. An authentication file for each user is created in the directory that corresponds the first letter of the username. The encrypted password for each user is stored in their authentication file. The protected password database is accessible only to root. Account aging information is also stored there. For a more detailed description of this database, consult the prpwd man page.

Additional security features

On a trusted system the system administrator can control how passwords are generated. Password generation options may be set for the entire system and for individual users. The options set on individual user accounts override the system defaults. Options include:

The system administrator can also specify the times-of-day and days-of-the-week when each user is permitted to log in. A device-based access control is also offered. This allows the system administrator to specify an access list for each mux and dedicated DTC port. This access information is stored in /tcb/files/auth/devassign, the device assignment database.

On a trusted system a terminal control database, /tcb/files/ttys, is also created which stores the following information for each terminal:




[EdCert previous] [EdCert next] [EdCert top]