I have setup OpenSMTPD + dovecot + roundcube simple mail server. People can ssh log in to the OpenBSD box, change their password using command passwd, the system account password is also the mail account password.
So, for security reason, how to let the user can only run one command(passwd) when they login? or are there any other methods to let mail account user change their password by themself easily? sshd_config ChrootDirectory not suit our needs. 1. administrator login OpenBSD box, adduser user. 2. the user ssh log in OpenBSD box, run "passwd" to change their password assign by administrator.
