Advertisements

Tag Archives: passwd

Solaris 10: passwd: Password in history list

root@solaris:~ # passwd emerson
New Password:
passwd: Password in history list.

Please try again
New Password:

According to this blog post Solaris 10 Password History, Solaris 10 implemented a new parameter (HISTORY) in /etc/default/passwd. This parameter keeps all the used password to prevent password recycling.

You can set to a smaller number if you wish

root@solaris:~ # vi /etc/default/passwd
HISTORY=1

Advertisements

HP-UX: root password expired in a trusted system

There is an HP-UX system that had the root password expired

user@linux:~ $ ssh root@hp-ux
Last successful login for root: Mon Apr 1 13:01:33 BRA3BDT 2013
Last unsuccessful login for root: Mon Apr 1 13:02:14 BRA3BDT 2013
Your password has expired.
Last login: Mon Apr 1 13:01:33 2013 from 172.16.4.198
Changing password for root
Old password:
Sorry.

I was unable to change the password since it is not known

root@hp-ux:/root # passwd root
Changing password for root
Old password:
Sorry.

Since there is no /etc/shadow file because this is a trusted system, to delete the root password you go to the /tcb/files/auth/r/root and delete the password from the :u_pwd attribute

root@hp-ux:/tcb/files/auth/r # cat root
root:u_name=root:u_id#0:\
:u_pwd=2576d348b7120d068cf812db81d2a414:\
:u_bootauth:u_auditid#0:\
:u_auditflag#1:\
:u_succhg#1348864982:u_unsucchg#1364832324:u_pswduser=root:u_suclog#1364832138:\
:u_unsuclog#1364832144:u_numunsuclog#1:u_maxtries#0:u_lock@:\
:chkent:

Then you should not have a problem to change the password

root@hp-ux:/tcb/files/auth/r # passwd root
Changing password for root
Last successful password change for root: Fri Sep 28 17:43:02 2012
Last unsuccessful password change for root: Mon Apr 1 13:05:24 2013

Do you want (choose one letter only):
pronounceable passwords generated for you (g)
a string of letters generated (l) ?
to pick your passwords (p) ?

Enter choice here: p
New password:
Re-enter new password:
Passwd successfully changed

Linux – Password has been used already. Choose another

root@linux:~ # passwd emerson
Changing password for emerson.
New Password:
Reenter New Password:
Password has been used already. Choose another.
Password changed

Linux is keeping the old password stored on /etc/security/opasswd. Delete the line containing the user that you’re trying to change the password

You can also check the file /etc/pam.d/common-password and look for a line with the parameter remember.

password required pam_pwhistory.so use_authtok remember=6 retry=3

Solaris passwd: System error: no files password

root@solaris:/ # passwd emerson
New Password:
Re-enter new Password:
passwd: System error: no files password for emerson.
Permission denied

In this case there was a problem in the /etc/passwd file. There was a blank line between two users.

CA Access Control sepass error message: Password was changed recently, cannot be changed again at this time

When you try to change the password of a user that recently changed its password and the server has the CA Access Control, the change will be denied.

root@solaris:/ # passwd username
CA Access Control sepass v12.0.1.1262 – Password replacement
Copyright (c) 2008 CA. All rights reserved.
Password was changed recently, cannot be changed again at this time.

To force the password change, type the command and change <username> and <password>to the values appropriate to your case

root@solaris:/ # /usr/seos/bin/selang -c “cu <username> pwasown (<password>)”
CA Access Control selang v12.0.1.1262 – CA Access Control command line interpreter
Copyright (c) 2008 CA. All rights reserved.

(localhost)
Successfully updated USER <username>
(localhost)
Native:
===
Successfully updated USER <username>

Which file does HP-UX keep the number of past passwords

The parameter PASSWORD_HISTORY_DEPTH in the /etc/default/security file controls how many past passwords HP-UX will remember the password to prevent the user from using the same old passwords he uses. Set the number as you like.

root@hp-ux11.11:/ # passwd user
Changing password for user
Last successful password change for user: Wed Apr 23 00:06:26 2008
Last unsuccessful password change for user: Thu Feb  7 12:34:42 2008

New password:
You may not re-use a previously used password.

%d bloggers like this: