[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

How to disable 3 login attempts (allow as many logins without suspending) on HP-UX Solaris Linux

Posted on 2008-11-18
3
Medium Priority
?
1,273 Views
Last Modified: 2013-12-21
Hi

How can I disable ssh & console login (ie login via ssh & at the physical console)
 attempts for the following Unix :
a) HP-UX trusted(enhanced security) system, B11.23 (ie one without /etc/shadow file present)
b) HP-UX B11.11 (normal HP-UX)
c) Solaris 8, 9, 10
d) Redhat Linux 4.x & 5.x

Also, how can I extend the current password expiry of 90 days to say 180 days
for all the above UNIXes?

Thanks
0
Comment
Question by:sunhux
3 Comments
 
LVL 62

Assisted Solution

by:gheist
gheist earned 400 total points
ID: 22986734
How do you find out "the current password expiry of 90 days" on ALL systems?
0
 
LVL 38

Accepted Solution

by:
yuzh earned 1040 total points
ID: 22990466
1) For Solaris modify /etc/default/login file to make sure
RETRIES=x
is commemted out (Put a # in front of the line or delete it)
2) For HP-UX, ([ a) and b) ] , you can run sam (GUI tool)
Accounts for Users and Groups -> Users, select the user from the list, go to the ACTIONS menu and select 'Modify Security Policies'. This will then allow you to modify the security settings for that particular user.
or modify the system Policies.
also have a look at:
http://forums13.itrc.hp.com/service/forums/questionanswer.do?threadId=574990&admit=109447627+1227052421586+28353475
3) For RedHat, have a look at your /etc/pam.d/system-auth file
see:
http://kbase.redhat.com/faq/FAQ_103_12548.shtm
 http://www.hcmuns.edu.vn/pub/linux/oracle/8i/docs/Installing%20Oracle%209i%20on%20RedHat%20Linux/Security.shtml.htm
 
for more details.
 
 
0
 

Author Comment

by:sunhux
ID: 22991236
> How do you find out "the current password expiry of 90 days" on ALL systems?
Guess I'll just select a few ids/accounts & issue "passwd -s id" & this will tell me
the expiry of the account/id.  This gives me a clue, so  "passwd -x 180 id"
would extend the expiry of the account/id to 180 days, thanks.

thanks Gheist, looks like I have to do "export DISPLAY=0:0; export TERM=vt100; xhost +"
before I could run SAM properly in my ssh session.

Found from the link you gave the commands to increase the max retries on terminals
& for ids/accounts are respectively :

1) For t_maxtries:
Example:
/usr/lbin/modprterm -m tmaxtries=25

2) For u_maxtries:
Example:
/usr/lbin/modprdef -m umaxlntr=9


Will allocate points after this weekend so that I can quickly refer to my "Open Questions"
section.  Thanks a lot
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses
Course of the Month19 days, 11 hours left to enroll

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question