HP-UX and trusted system

Kevin Steves stevesk at sweden.hp.com
Tue Oct 24 02:21:52 EST 2000


On Mon, 23 Oct 2000, Jim Simmons wrote:
: Unless I'm mistaken, the only thing having HAVE_HPUX_TRUSTED_SYSTEM_PW
: defined during the compile does is to call bigcrypt instead of crypt in
: auth-passwd.c.  If you're not using passwords longer that 8 characters, I'd
: expect a binary built on a non-trusted system would work on a trusted one
: (and it has in my limited testing).
: 
: A better solution for HPUX would probably be to have the routine call
: iscomsec to see if trusted is on or off and then call the appropriate crypt
: routine.

Yes, that change was added a while back, though after 2.2.0p1's release.  
This works on 10.20 and 11.0.  You can grab the latest snapshot if you
need it now.

: Note that I take the defaults and let it build using PAM on my systems -- if
: you don't there might possibly be other problems to be taken care of.

If you're using 11.0 I recommend PAM, which is presently the most fully
functional login mechanism for HP-UX.  A future libpam patch will
support changing expired passwords.

I'm working on a password access interface with the goal of cleaning
things up for all the different platforms.






More information about the openssh-unix-dev mailing list