What is Trusted mode in HPUX?
In trusted mode HPUX OS will turned on the system auditing.With system auditing we can trace each and every system call issued by each user on the system. In case your HPUX system is non-trusted then system auditing will be disabled.
Password management features in Trusted mode:
a. You can specify grace period and expiry period for the password.
b. You can specify system-wide password aging policy.
c. You can specify an absolute account life.
d. You can also able to disable accounts after repeated login failures.
e. You can also use a random password generator in HPUX system.
How to enable trusted mode in HPUX or how to make HPUX system trusted:
1. Make the backup of /etc/shadow file
#cp /etc/shadow /etc/shadow.old
2. Now use tsconvert command to enable trusted mode in HPUX as below:
# /etc/tsconvert -c Creating secure password database... Directories created. Making default files. Enabling Boot Authentication ... System default file created... Terminal default file created... Device assignment file created... Moving passwords... secure password database installed.
3. Create pwhist file under tcb folder or directory as below:
#cd tcb/files/auth/system #mkdir pwhist #cd pwhist #touch pwhist_0 #chown root:root pwhist_0
4. Change password for all users since they get expired after you make the system trusted.
5. Just to crosscheck try to log in to server with your new password.