We’re back with Solaris 10 administration series. This time, it’s the user management part.
Securing the Password
For God knows why reason (probably legacy), the default password hashing algorithm in Solaris 10 is the classic UNIX DES hashing. To change it, edit
/etc/security/policy.conf and find line starting with
CRYPT_DEFAULT and change it to this:
(you can also set to other value but
2a should be good enough)
And to change the root password, first edit
/etc/shadow and append
$2a$ to the 2nd (password) field like this:
or else chaning the root password using
passwd won’t be set using the newly configured algorithm.
First of all remember that there’s character limit of 8 for username in Solaris. Linux doesn’t have this but it’ll break
ps (displaying UID instead of username). Also creating directory in
/home is not possible because of several reasons. The proper way is to create home directory somewhere and create relevant entry in
useradd -s /bin/bash newuser mkdir -p /export/home/newuser chown newuser:staff /export/home/newuser printf "%st%sn" "newuser" "localhost:/export/home/newuser" >> /etc/auto_home passwd newuser
This will let Solaris to automount (loopback filesystem/lofs) the actual directory (in this case
Of course you can set the directory somewhere else, though having home not in
/home feels weird.