Boot Authenticator
Home Up Who is running SUID NIS+ and Trusted Sys AAA Server Intro NIS+ Passwd Tbl umask NIS+ Support Kerberos Install Kerberos Config Boot Authenticator Shadow Password Bundle

 

 


4.5.1 The Boot Authenticator
 
HP-UX 11i Security, by Chris Wong, Prentice Hall PTR; ISBN: 0130330620

 

If you are running HP-UX 11i or higher and your system is not trusted, you can install the Boot Authenticator bundle.  This can be found at http://software.hp.com .

This bundle gives you the same functionality as described in section 4.5.  However, this allows you to perform this capability without needing a trusted system.  As a matter of fact, it is only supported on a standard HP-UX system (not trusted).

After installing the bundle (which requires a reboot) edit the /etc/default/security file:

BOOT_AUTH=0 Boot authentication is turned OFF.

BOOT_AUTH=1 Boot authentication is turned ON.

When boot authenication is turned on, you must give the root password before getting access to single user mode.  Great caution should be used when turning this feature on.  The majority of time users need single user mode is for root password recovery.  Physically securing the host is preferred over turning on this option.

 



 

    

 Copyright 2007 NEWFDAWG.COM All rights reserved.     Last modified: 02/03/07.