Solved

Which hardening in HPUX (trusted security) disabled console CDE login (hourglass stayed there after password entry)

Posted on 2008-10-22
3
830 Views
Last Modified: 2013-12-06
Hi,

I'm not sure what hardening has been done the last few months but
we now faced this problem on our HPUX B11.23 Itanium :
when we login to CDE at console, it gives an hourglass that displays
perpetually.

First,
which process should I kill to release the console GUI - I still have
access from ssh into the servers

second,
what's the hardening change I should reverse so that I don't get
this problem anymore

Third,
my account seem to get suspended easily (I don't think it's due to 3 incorrect
password entry attempts).  anyway, how do I increase the number of allowed
retries for password for an account

I'm running in Trusted mode, ie /etc/shadow does not exist
0
Comment
Question by:sunhux
  • 2
3 Comments
 
LVL 38

Accepted Solution

by:
yuzh earned 500 total points
ID: 22783603
First,
which process should I kill to release the console GUI - I still have
access from ssh into the servers
you need to login as root, to do the followings:
/usr/dt/bin/dtconfig -kill
/usr/dt/bin/dtconfig -e
/usr/dt/bin/dtconfig -reset

man  dtconfig
to learn more deatis.
also have a look at the HP-UX FAQ:
http://www.unixguide.net/hp/faq/
second,
what's the hardening change I should reverse so that I don't get
this problem anymore
You know what you have done, you need to post the details about what you have done to the system.
Third,
my account seem to get suspended easily (I don't think it's due to 3 incorrect
password entry attempts).  anyway, how do I increase the number of allowed
retries for password for an account

have a look at  /etc/default/security file and check AUTH_MAXTRIES, you can also run sam (GUI tool) to check it out.
man security
to learn more details.
0
 

Author Comment

by:sunhux
ID: 22784117
Hardening was done before me
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 500 total points
ID: 22792349
You need to find out the details from logs/doc etc about what had been done for the box, soem one in your IT team might know  something about it.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to find files recursively in ftp server quickly? 7 124
unix scripting question 1 104
Access_log 17 150
remove one line from a file in solaris 8 43
When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

827 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question