1
Can I safely replace the password hash in the AIX /etc/security/passwd
file? Are there any AIX quirks that would stand in the way of me just using vi to replace the hash?
I want to consolidate the root passwords on my AIX servers. On Solaris, IRIX, and Linux I would compare the password hash in /etc/shadow. If it wasn't the same, I could replace it with the desired hash. AIX uses /etc/security/passwd
, which has a different format. Examples of the password field:
password = 2bOR!2Bp8jest
password = {ssha512}06$2bOR!2Bp8jestHAH$hamlet[...]
I assume the answer is, "Yes, they can be compared. They can be replaced, but be very careful."
Bonus points (if I have enough rep to award) if someone describes how older AIX versions fail if a newer crypto algorithms, such as {ssha512}
isn't available.
I want to emphasize the fact I wish to manually edit /etc/security/passwd. Are there any AIX quirks that require any extra steps or precautions in addition to just using vi to edit the file? – IAmJeff – 2015-04-29T14:36:33.193
1
Have a look at this. I edit the file myself, but wanted to triple check before telling someone else to do it. https://www.ibm.com/developerworks/community/forums/html/topic?id=77777777-0000-0000-0000-000014454472
– Alex Atkinson – 2015-05-04T15:39:51.877Yup, that answers it. I found another link and answered myself before I saw your comment. – IAmJeff – 2015-05-04T16:14:49.607