How to disable 3 login attempts (allow as many logins without suspending) on HP-UX Solaris Linux

Hi

How can I disable ssh & console login (ie login via ssh & at the physical console)
 attempts for the following Unix :
a) HP-UX trusted(enhanced security) system, B11.23 (ie one without /etc/shadow file present)
b) HP-UX B11.11 (normal HP-UX)
c) Solaris 8, 9, 10
d) Redhat Linux 4.x & 5.x

Also, how can I extend the current password expiry of 90 days to say 180 days
for all the above UNIXes?

Thanks
sunhuxAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gheistCommented:
How do you find out "the current password expiry of 90 days" on ALL systems?
0
yuzhCommented:
1) For Solaris modify /etc/default/login file to make sure
RETRIES=x
is commemted out (Put a # in front of the line or delete it)
2) For HP-UX, ([ a) and b) ] , you can run sam (GUI tool)
Accounts for Users and Groups -> Users, select the user from the list, go to the ACTIONS menu and select 'Modify Security Policies'. This will then allow you to modify the security settings for that particular user.
or modify the system Policies.
also have a look at:
http://forums13.itrc.hp.com/service/forums/questionanswer.do?threadId=574990&admit=109447627+1227052421586+28353475
3) For RedHat, have a look at your /etc/pam.d/system-auth file
see:
http://kbase.redhat.com/faq/FAQ_103_12548.shtm
 http://www.hcmuns.edu.vn/pub/linux/oracle/8i/docs/Installing%20Oracle%209i%20on%20RedHat%20Linux/Security.shtml.htm
 
for more details.
 
 
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sunhuxAuthor Commented:
> How do you find out "the current password expiry of 90 days" on ALL systems?
Guess I'll just select a few ids/accounts & issue "passwd -s id" & this will tell me
the expiry of the account/id.  This gives me a clue, so  "passwd -x 180 id"
would extend the expiry of the account/id to 180 days, thanks.

thanks Gheist, looks like I have to do "export DISPLAY=0:0; export TERM=vt100; xhost +"
before I could run SAM properly in my ssh session.

Found from the link you gave the commands to increase the max retries on terminals
& for ids/accounts are respectively :

1) For t_maxtries:
Example:
/usr/lbin/modprterm -m tmaxtries=25

2) For u_maxtries:
Example:
/usr/lbin/modprdef -m umaxlntr=9


Will allocate points after this weekend so that I can quickly refer to my "Open Questions"
section.  Thanks a lot
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.