Manualshelf

Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP HP-UX Auditing System Extensions
12345678910
Table of Contents
About this Document.................................................................................................................15
I Protecting Systems...................................................................................................................21
1 Installing the HP-UX Operating Environment Securely.............................................................23
1.1 Installation Security Considerations..................................................................23
1.2 Preventing Security Breaches During the Boot Process........................................23
1.3 Enable Login Security for root........................................................................24
1.4 Using Boot Authentication to Prevent Unauthorized Access.................................25
1.5 Setting Install-Time Security Options................................................................25
1.6 Installing Security Patches..............................................................................26
1.7 Postinstallation Security Tips for Backup and Recovery.......................................26
2 Administering User and System Security..............................................................................29
2.1 Managing User Access.................................................................................29
2.1.1 Monitoring User Accounts.......................................................................29
2.1.2 Monitoring Guest Accounts.....................................................................30
2.1.3 Creating Application User Accounts.........................................................30
2.1.4 Managing Group Accounts....................................................................31
2.2 Authenticating Users During Login..................................................................31
2.2.1 Explanation of the Login Process.............................................................32
2.2.2 Checking the login Tracking Files (btmp and wtmp)...................................33
2.2.2.1 Last Command Examples................................................................33
2.2.3 Checking Who Is Logged In...................................................................34
2.3 Authenticating Users with PAM.......................................................................34
2.3.1 Overview.............................................................................................34
2.3.2 PAM Libraries.......................................................................................36
2.3.3 Systemwide Configuration Using /etc/pam.conf.......................................37
2.3.4 Sample /etc/pam.conf File....................................................................38
2.3.5 The /etc/pam_user.conf User Configuration File.......................................39
2.3.6 Examples: How PAM Works for Login.....................................................39
2.4 Managing Passwords...................................................................................41
2.4.1 System Administrator Responsibilities.......................................................41
2.4.2 User Responsibilities.............................................................................41
2.4.3 Criteria of a Good Password..................................................................42
2.4.4 Changing the /etc/passwd Password File................................................42
2.4.4.1 Examples of passwd Commands.....................................................42
2.4.4.2 The /etc/passwd File Format..........................................................43
2.4.5 The /etc/shadow Shadow Password File.................................................43
Table of Contents 3