Hey! Thanks for reply. Well hmm.. is there any way to open some socket and log in with other account or something like that? I mean use IE or other browser but the main point is to log in with different account and change the password. User can change password of their own not only root can change it.
And what I need this script for, is, not everyone knows how to use ssh and I don't want to give access to 50 users that can run their processes, my server will freeze. That's why I need to change it somehow different, what about loging in with root and changing passwords, but now again how to open connection to sshd. By your reply I can guess that you state that there is no chanse..and if there is it will be big security hole. :/ thnx again -mNTKz -----Original Message----- From: Tom Woody [mailto:[EMAIL PROTECTED]] Sent: Friday, January 24, 2003 12:03 PM To: Mantas Kriauciunas Cc: [EMAIL PROTECTED] Subject: Re: [PHP] SSH change password! The one problem and serious security risk you will be introducing is that if you run passwd as an unprivliged user you can only change the password of the user you are running it as. Therefore, the webserver would be running as apache, so the only password it could change would be for user apache. To get passwd to change any password it has to be run as root, therefore you would need to run the webserver as root. You would be opening a serious pandora's box with that option. Since your users have access to the server through a shell account (otherwise why bother with user accounts), you would be better served by PuTTY or another ssh client that the users change their passwords by logging in to the shell account. On Fri, 24 Jan 2003 11:48:50 -0600 "Mantas Kriauciunas" <[EMAIL PROTECTED]> wrote: > Hey! > > I was wondering with what command do you execute shell commands? > > What I need is to change users password on the server, I want to write > that script and it needs to be safe. So I don't know what should I > use. I think I will need to check username and password, then log in > through website with it and then use passwd command on that user to > change the password. Or maybe I am wrong, I never done something like > that. > > Thanks for any info! > > -mNTKz > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- Tom Woody Systems Administrator NationWide Flood Research, Inc. phone: 214-631-0400 x209 fax: 214-631-0800 Don't throw your computer out the window, throw the Windows out of your computer! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
