
Updated script - Don't let your AIX passwords expire
Here is an updated script from an old blog post I did on not letting your AIX passwords expire. This updated script now also handles user accounts with maxage set to 0 (no password expiration). Here is the updated script:
    #!/usr/bin/perl
    use strict;
    use POSIX qw(ceil);
    use User::pwent;
    use Term::ANSIColor;
    my ($user,%userids);
    while ($user = getpwent()){
        my $u = $user->name;... [More]
Tags:  aix script password security perl |
New Article: Getting started with Nmap for system administrators |
Copying AIX password hashes between servers
AIX stores password hashes under /etc/security/passwd. Each user with a password defined will have a stanza in this file that specifies what the hashed password is.
Here is an example for the root user:
    # grep -p root /etc/security/passwd
    root:
            password = 2zfymAdUyNdA.
            lastupdate = 1360555127
If you would like to transfer a user's password from one server to another, you can simply copy the user's stanza out of /etc/security/passwd and put it in this same file on the other server (replacing their existing stanza). ... [More]
Tags:  script security aix password |
Check permissions for intermediate directories on Linux/UNIX when troubleshooting permission problems
I've seen several Linux/UNIX system administrators struggle with a scenario like this one: A user reports to the administrator that they are trying to "cd" in to a directory but keep getting permission denied:
    $ cd /tmp/level1/level2/level3/level4/level5/level6
    ksh: /tmp/level1/level2/level3/level4/level5/level6: Permission denied.
As the root user, the administrator checks the permissions on the directory:
    # ls -ald /tmp/level1/level2/level3/level4/level5/level6
    drwxrwxrwx 2 root system 256 Dec 19 20:11... [More]
Tags:  unix security aix permissions linux |
Every possible UNIX/Linux umask mode.. Plus scripts to generate these lists
As a follow up to my posting from yesterday, Every possible UNIX/Linux file permission: Listed and explained (All 4,096 of them), I also made a list of every possible umask mode including the file and directory permissions that would be created at each umask mode. Also, below are the scripts I wrote to generate the list of permissions and the list of umasks. umask script:
    #!/usr/bin/ksh
    #Brian Smith - create HTML table of every possible umask
    echo "<table border=1 cellpadding=4>"
    echo "<tr>"... [More]
Tags:  security linux aix unix scripting umask script |
Every possible UNIX/Linux file permission: Listed and explained (All 4,096 of them)
The generic read/write/execute UNIX/Linux file permissions are fairly easy to understand. But when you start getting in to the SUID, SGID, and Sticky bits, things get more complicated and harder to understand. For example, if you came across a file with "--S--S--T" permissions, would you know what this means? By reading this short posting and referring to the table linked below, you would be able to quickly and easily decipher any possible file permission you might run in to and translate it in to English :) Here is a little... [More]
Tags:  files permissions security aix linux unix |
Edit sudoers file from a script
If you need to edit the sudoers file from a script, you might be tempted to directly edit the file. But like it says at the top of /etc/sudoers - the file must only be edited with the visudo command. This is because visudo validates the syntax before putting the new file in place. Without this syntax validation it is very easy to make a mistake in the file after which sudo no longer works (hopefully at that point you have the root password so you can still access root without sudo :) )
Here is an example of how a line can be added to... [More]
Tags:  aix ed sudoers script linux security sudo unix |
SSH Host keys – know when to keep em and when to change them
The first time you connect to a server using SSH you are prompted to accept the host key. After this, each time you connect the client uses the cached SSH host public key (stored in ~/.ssh/known_hosts) to authenticate that the server it is connecting to is the same server it connected to the first time. This is done to prevent a man in the middle attack which is when a malicious server presents itself as another server in order to capture passwords or other information. If SSH didn't have host keys, you... [More]
Tags:  ssh keys aix security linux |