|
Security Basics
mailing list archives
Re: remote passwd change
From: "Brian Shaw" <bshaw () vsvinc com>
Date: Fri, 3 Oct 2003 08:39:02 -0400
Unfortunately, sending the paswords in clear text will compromise the machines
security. A better way to do it would be to setup a secure web page on that
server with a CGI script behind it to make the changes. This also would have
the advantage that your windows users would need to add anything to their
computers. You could just send them all an email containing the link for them
to click on.
Brian
Bite the Power!
-- Bucky Kat, 2003
---------- Original Message -----------
From: "Ruiz Cifuentes, Rolando Matias (CL - Santiago)" <rruiz () deloitte cl>
To: security-basics () securityfocus com
Sent: Thu, 2 Oct 2003 16:21:40 -0400
Subject: remote passwd change
Here is the scenario:
RedHat 7.2 using shadows passwords -> used for popmail use
popmail users are RedHat users, so their password are in /etc/shadow
users dont know nothing about linux (they are windows basic users)
Here is my problem:
I need to make them (~200 users) able to change their linux (mail) pasword
remotely, in the easiest every ever thought way. how can i do this?
(i' dont care if passwds are send in plaint text over the net) I'
was thiking in something like:
telnet myserver anyport (using a .bat file in their computers)
and then the server replies something like:
Enter your Username: <user>
Enter your OldPass: <pass1>
Enter your NewPass: <pass2>
Enter your NewPass again: <pass2>
Your password has been change. Have a nice day!
do anyone knows anyway to do this? (in this or any other way)
thaks for your help
---------------------------------------------------------------------------
----------------------------------------------------------------------------
------- End of Original Message -------
---------------------------------------------------------------------------
----------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
| 
Intro
