APAR status
Closed as program error.
Error description
This problem will occur when using the default 'crypt' password encryption method, with no alternate pwd_algorithm defined in login.cfg. If a user is prompted for a password change when su'ing to their account, and they give a password that is greater than 8 characters, the EFS keystore's password will be truncated to 8 characters - "mypassword" becomes "mypasswo".
Local fix
Workarounds: 1) use only the first 8 characters of your password when logging in or otherwise loading your keystore 2) use 'efskeymgr -k user/<username> -n' to reset the keystore password to the >8 character password of your choice 3) set pwd_algorithm in login.cfg to an alternate encryption method of your choice. This doesn't immediately fix the issue, because the keystore will still have the 8-character truncated password. It will prevent the issue from occurring during future password changes.
Problem summary
su truncates EFS keystore password during password change
Problem conclusion
Do not restrict password length to 8 as it gets passed to EFS as is. By deafult this 8 length restriction is imposed
Temporary fix
Comments
APAR Information
APAR number
IV95370
Reported component name
AIX V7.1
Reported component ID
5765H4000
Reported release
710
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-04-24
Closed date
2017-05-09
Last modified date
2017-09-25
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
IV96129 IV96133 IV96140 IV96241 IV96742
Fix information
Fixed component name
AIX V7.1
Fixed component ID
5765H4000
Applicable component levels
R710 PSY U873634
UP17/09/22 I 1000
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SG11R"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"710","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Document Information
Modified date:
20 April 2022