HP-UX Reference (11i v2 04/09) - 4 File Formats (vol 8)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

301

302

303

304

305

306

307

308

309

310

security(4) security(4)

NOLOGIN=0

Ignore the /etc/nologin ﬁle and do not exit if the

/etc/nologin ﬁle exists.

NOLOGIN=1

Display the contents of the /etc/nologin ﬁle and exit if the

/etc/nologin ﬁle

exists.

Default value:

NOLOGIN=0

NUMBER_OF_LOGINS_ALLOWED

This parameter controls the number of simultaneous logins allowed per user. Note that this is

only enforced for non-root users and only applies to the applications that use session manage-

ment services provided by pam_hpsec (5) as conﬁgured in

/etc/pam.conf, or those services

that indirectly invoke login(1), such as the telnetd (1M) and rlogind(1M) commands.

NUMBER_OF_LOGINS_ALLOWED=0

Any number of logins are allowed per user.

NUMBER_OF_LOGINS_ALLOWED=

N number of logins are allowed per user.

Default value:

NUMBER_OF_LOGINS_ALLOWED=0

PASSWORD_HISTORY_DEPTH

This parameter controls the password history depth. A new password is checked only against

the number of most recently used passwords stored in password history for a particular user.

A user is not allowed to re-use a previously used password.

PASSWORD_HISTORY_DEPTH=

A new password is checked against only the N most recently used passwords for a partic-

ular user.

A conﬁguration of password history depth of 2 prevents users from alternating between two

passwords. The maximum password history depth supported is 10 and the minimum password

history depth supported is 1. A depth conﬁguration of more than 10 will be treated as 10, and

a depth conﬁguration of less than 1 will be treated as 1.

The password history depth conﬁguration is on a system basis and is supported in trusted sys-

tem for users in ﬁles repository only. This feature does not support the users in

NIS

NISPLUS repositories. Once the feature is enabled, all the users on the system are subject to

the same check. If this parameter is not conﬁgured, the password history check feature is

automatically disabled. When the feature is disabled, the password history check depth is set

to 1.

A password change is subject to all of the other rules for a new password including a check

with the current password.

Default value:

PASSWORD_HISTORY_DEPTH=1

PASSWORD_MIN_<type>_CHARS

Parameters of this form are used to require new passwords to have a minimum number of

characters of particular types (upper case, lower case, digits or special characters). This can

be helpful in enforcing site security policies about selecting passwords that are not easy to

guess.

PASSWORD_MIN_UPPER_CASE_CHARS=N

Speciﬁes that a minimum of N upper-case characters are required in a password when

changed.

PASSWORD_MIN_LOWER_CASE_CHARS=N

Speciﬁes that a minimum of N lower-case characters are required in a password when

changed.

PASSWORD_MIN_DIGIT_CHARS=N

Speciﬁes that a minimum of N digit characters are required in a password when

changed.

PASSWORD_MIN_SPECIAL_CHARS=N

Speciﬁes that a minimum of N special characters are required in a password when

changed.

Section 4−−292 Hewlett-Packard Company − 2 − HP-UX 11i Version 2: September 2004