HP-UX Reference (11i v2 03/08) - 4 File Formats (vol 8)
s
security(4) security(4)
NOLOGIN=0 Ignore the /etc/nologin file and do not exit if the
/etc/nologin
file exists.
NOLOGIN=1 Display the contents of the /etc/nologin
file and exit if the
/etc/nologin file exists.
Default value:
NOLOGIN=0
NUMBER_OF_LOGINS_ALLOWED
This parameter controls the number of simultaneous logins allowed per user. Note that
this is only enforced for non-root users and only applies to the login (1) command or those
services that indirectly invoke login(1) such as the telnetd (1M) and rlogind (1M) com-
mands.
NUMBER_OF_LOGINS_ALLOWED=0
Any number of logins are allowed per user.
NUMBER_OF_LOGINS_ALLOWED=
NNnumber of logins are allowed per user.
Default value:
NUMBER_OF_LOGINS_ALLOWED=0
PASSWORD_HISTORY_DEPTH
This parameter controls the password history depth. A new password is checked only
against the number of most recently used passwords stored in password history for a par-
ticular user. A user is not allowed to re-use a previously used password.
PASSWORD_HISTORY_DEPTH=
N A new password is checked against only the N most
recently used passwords for a particular user.
A configuration of password history depth of 2 prevents users from alternating between
two passwords. The maximum password history depth supported is 10 and the minimum
password history depth supported is 1. A depth configuration of more than 10 will be
treated as 10, and a depth configuration of less than 1 will be treated as 1.
The password history depth configuration is on a system basis and is supported in trusted
system for users in files repository only. This feature does not support the users in
NIS
or NISPLUS repositories. Once the feature is enabled, all the users on the system are
subject to the same check. If this parameter is not configured, the password history
check feature is automatically disabled. When the feature is disabled, the password his-
tory check depth is set to 1.
A password change is subject to all of the other rules for a new password including a
check with the current password.
Default value:
PASSWORD_HISTORY_DEPTH=1
PASSWORD_MIN_<type>_CHARS
Parameters of this form are used to require new passwords to have a minimum number
of characters of particular types (upper case, lower case, digits or special characters).
This can be helpful in enforcing site security policies about selecting passwords that are
not easy to guess.
PASSWORD_MIN_UPPER_CASE_CHARS=N Specifies that a minimum of N upper-case
characters are required in a password when changed.
PASSWORD_MIN_LOWER_CASE_CHARS=N Specifies that a minimum of N lower-case
characters are required in a password when changed.
PASSWORD_MIN_DIGIT_CHARS=N Specifies that a minimum of N digit characters
are required in a password when changed.
PASSWORD_MIN_SPECIAL_CHARS=N Specifies that a minimum of N special charac-
ters are required in a password when changed.
Default value: The default for each of these parameters is zero.
PASSWORD_MAXDAYS
This parameter controls the default maximum number of days that passwords are valid.
This value, if specified, is used by the authentication subsystem during the password
change process in the case where aging restrictions do not already exist for the given
user. The value takes effect after the password change. This parameter applies only to
local users and does not apply to trusted systems. The passwd -x option can be used to
override this value for a specific user.
HP-UX 11i Version 2: August 2003 − 2 − Hewlett-Packard Company Section 4−−279