LPA Enhanced Security
Jump to navigation
Jump to search
Enabling LPA
LPA is a security enhancement to user password generation. Typically AIX only allows passwords that are at a max 8 characters in length. LPA extends the password length up to 255 characters. The table below describes the different algorithms and how they generate their hashes.
- Information for the pwd_algorithm attribute is contained in /etc/security/pwdalg.cfg file.
- Add the LPA pwd_algorithm to the usw stanza in /etc/security/login.cfg
- # chsec -f /etc/security/login.cfg -s usw -a pwd_algorithm=[ smb5 | ssha1 | ssha256 | ssha512 | sblowfish ]
- To activate the LPA the user must login and change their password.