also sprach Moses Moore <[EMAIL PROTECTED]> [2002.01.24.2128 +0100]:
> I found something that claims to do this.
> http://www.geocities.com/beradrian/soft/soft.html#cgipasswd
>
> It claims to use PAM, and it should only be used over https for reasons
> that should be obvious.
it doesn't do md5, a
also sprach Ralf Dreibrodt <[EMAIL PROTECTED]> [2002.01.24.1905 +0100]:
> and then no user, who has a valid shell has to enter the old password
> from user x, when he wants to change the password of user x.
> perhaps even if x=root ;-)
/bin/passwd does not allow the specification of a username, un
also sprach Moses Moore <[EMAIL PROTECTED]> [2002.01.24.2128 +0100]:
> I found something that claims to do this.
> http://www.geocities.com/beradrian/soft/soft.html#cgipasswd
>
> It claims to use PAM, and it should only be used over https for reasons
> that should be obvious.
it doesn't do md5,
also sprach Ralf Dreibrodt <[EMAIL PROTECTED]> [2002.01.24.1905 +0100]:
> and then no user, who has a valid shell has to enter the old password
> from user x, when he wants to change the password of user x.
> perhaps even if x=root ;-)
/bin/passwd does not allow the specification of a username, u
martin f krafft wrote:
> that was me, and no, noone has mentioned any bad aspects yet, other than your
> users having to type the old password twice. however, it's not the
> solution i amlooking for, so i am implementing a highly secure way to do it
> over and
> SSL/TLS-encrypted webform with emph
On Thu, Jan 24, 2002 at 07:05:54PM +0100, Ralf Dreibrodt wrote:
> and then no user, who has a valid shell has to enter the old password
> from user x, when he wants to change the password of user x.
> perhaps even if x=root ;-)
You have to enter it once for the ssh daemon anyways. He just wanted to
martin f krafft wrote:
> that was me, and no, noone has mentioned any bad aspects yet, other than your
> users having to type the old password twice. however, it's not the
> solution i amlooking for, so i am implementing a highly secure way to do it over and
> SSL/TLS-encrypted webform with emphas
Hi,
David N Moore wrote:
>
> i'm a new poster here, but one thing that strikes me is that the
> source to passwd should be hanging around somewhere. It wouldn't be
> incredibly difficult to make a custom version which does not ask for
> the original password, right? Then you could set it to be
On Thu, Jan 24, 2002 at 11:17:59AM -0600, Rob VanFleet wrote:
> On Thu, Jan 24, 2002 at 07:23:35AM +0100, martin f krafft wrote:
> >
> >
> > also sprach Rob VanFleet
> > > On this list (I beleive) I saw someone mention the use of /bin/passwd
> > > as a shell for mail-only users so they can easily
On Thu, Jan 24, 2002 at 07:23:35AM +0100, martin f krafft wrote:
>
>
> also sprach Rob VanFleet
> > On this list (I beleive) I saw someone mention the use of /bin/passwd
> > as a shell for mail-only users so they can easily change their password
> > without having to ask someone. Is this a secur
On Thu, Jan 24, 2002 at 07:05:54PM +0100, Ralf Dreibrodt wrote:
> and then no user, who has a valid shell has to enter the old password
> from user x, when he wants to change the password of user x.
> perhaps even if x=root ;-)
You have to enter it once for the ssh daemon anyways. He just wanted t
Hi,
David N Moore wrote:
>
> i'm a new poster here, but one thing that strikes me is that the
> source to passwd should be hanging around somewhere. It wouldn't be
> incredibly difficult to make a custom version which does not ask for
> the original password, right? Then you could set it to be
On Thu, Jan 24, 2002 at 11:17:59AM -0600, Rob VanFleet wrote:
> On Thu, Jan 24, 2002 at 07:23:35AM +0100, martin f krafft wrote:
> >
> >
> > also sprach Rob VanFleet
> > > On this list (I beleive) I saw someone mention the use of /bin/passwd
> > > as a shell for mail-only users so they can easil
On Thu, Jan 24, 2002 at 07:23:35AM +0100, martin f krafft wrote:
>
>
> also sprach Rob VanFleet
> > On this list (I beleive) I saw someone mention the use of /bin/passwd
> > as a shell for mail-only users so they can easily change their password
> > without having to ask someone. Is this a secu
also sprach Rob VanFleet
> On this list (I beleive) I saw someone mention the use of /bin/passwd
> as a shell for mail-only users so they can easily change their password
> without having to ask someone. Is this a secure option, or am I
> missing some glaring problems? If so, what are some othe
On this list (I beleive) I saw someone mention the use of /bin/passwd as
a shell for mail-only users so they can easily change their password
without having to ask someone. Is this a secure option, or am I missing
some glaring problems? If so, what are some other possible solutions?
Thanks,
Rob
also sprach Rob VanFleet
> On this list (I beleive) I saw someone mention the use of /bin/passwd
> as a shell for mail-only users so they can easily change their password
> without having to ask someone. Is this a secure option, or am I
> missing some glaring problems? If so, what are som
On this list (I beleive) I saw someone mention the use of /bin/passwd as
a shell for mail-only users so they can easily change their password
without having to ask someone. Is this a secure option, or am I missing
some glaring problems? If so, what are some other possible solutions?
Thanks,
Rob
18 matches
Mail list logo
