AIX password algorithm for classic appserver

Posted by jamesmc on 08-Oct-2019 12:43

Our company password policy requires us to use an exotic mix of characters and has to be over 12 characters in length.  I asked to have the password algorithm changed on our AIX servers too (they use local user accounts, not sync'ed or authenticated from another source) so that we could also use longer passwords on these servers too.

At this point we were on 10.2B and we discovered that the appserver accounts we used wouldn't work with an algorithm any more daring that the default crypt.

We have since upgraded to 11.7.3 (a little while ago now) and I want to see if I can change the algorithm to something that the appserver will approve of.

I have tried SHA256 and md5 and the appserver process will not start with either of them.

I thought I read a knowledge base article that suggested that v11+ worked with other algorithms but I can no longer find it.

Can anyone recommend an algorithm?

OE 11.7.3 (64 bit)

AIX 7.1

All Replies

Posted by Ruanne Cluer on 09-Oct-2019 15:07

OpenEdge 11 additional functionality was added for password encryption. 11.7 supports bcrypt, sha256, sha512, and sha1 (legacy)

Posted by jamesmc on 09-Oct-2019 15:50

In the file I am able to define a OS level account username that my appserver should run as with a corresponding password relating to that account.  At the moment the AIX accounts password algorithm has to be set to crypt so that the appserver will start.  I don't think the link you provided will help with that, the link relates more to user accounts defined within the spring configuration?

Posted by Jens Dahlin on 10-Oct-2019 05:32

Now it should only be added to as an option to MESSAGE-DIGEST as well! As per this posted idea:

This thread is closed