Shadowing the password file 1

[joedyq]

Gents ,

How do I shadow the password file , what is the command basically ?

Joe

 

[AIXSPadmin]

Shadowing is enabled by default. /etc/security/passwd is the file.

 

[gheist]

aix already has password shadow file /etc/security/passwd, so you should not call it a problem

 

[joedyq]

Gentleman ,

Thank you !! in the process of doing this for all of our HP-UX servers , nice to know IBM do this by default .

 

[joedyq]

One further question however, does this comply with TCB and expectations of same ?!

 

[avadh]

Hello,
NO this does not comply with TCB. Let me explain this.
ON AIX when you do brand new install you get a option do you want to install TCB. If you say yes then TCB is installed. If you have a system up and running then you may not have TCB installed.

If you need TCB installed then you have to do complete overwrite or complete new install. then you can install TCB. There is a command one can run to check if tcb is installed or not. You have to look at man on TCB.

 

[joedyq]

Thanking you again !! It really helps having this forum to refer to.

 

[cspilman]

For the tcb issue, there is a way to change the status of TCB to enabled without re-installing. You will need to create a text file with the following in it:

dflt = "tcb_enabled"

and then issue the following:

odmchange -o PdAt -q "dflt = tcb_disabled" your_textfile.txt

To check to see if it is enabled or disabled, enter:

odmget PdAt | grep tcb
Regards,
Chuck

 

[ElgisRamon]

Your last comment only shows if TCB [red]was[/red] was installed, but doesn't changes anything else... beware!
I hope it works...
Unix was made by and for smart people.