Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 18 Jul 1997 15:17:03 -0600 (MDT)
From:      Justin Ashworth <ashworth@esus.cs.montana.edu>
To:        Troy Settle <rewt@i-Plus.net>
Cc:        questions@FreeBSD.ORG
Subject:   Re: Change another user's password?
Message-ID:  <Pine.OSF.3.95.970718143125.14892F-100000@esus.cs.montana.edu>
In-Reply-To: <199707181836.OAA03111@radford.i-plus.net>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Fri, 18 Jul 1997, Troy Settle wrote:
> 
> What is the nature of these restricted shells?

  They spit out a message letting the user know that they don't have shell
access on that machine.

> At one time, I had a simple script as the shell, allowing users to do
> simple things, or even run a regular shell.  Since then, I've grown a
> little more paranoid, and have changed everyone's shell to /usr/bin/passwd.
>  Now, when they telnet to the mail server, all they are able to do, is
> change their password.  Shell access is provided on another machine that's
> kept isolated from the rest of the network.

  Thanks for the suggestion. We considered this, but we keep independent
passwd files on all of our machines. The user would have to telnet to
several machines to keep their passwords consistent. We are not using NIS+
or rdist, just straight password files. It would be a huge support
headache for us if a user changed their password on the POP3 server then
tried to FTP their web page to our web server with that password. I have
come up with what I think is the best plan - a web interface. This is much
more comfortable to a user who doesn't know what telnet is.

- Justin Ashworth
-- ashworth@cs.montana.edu
- http://www.cs.montana.edu/~ashworth




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?Pine.OSF.3.95.970718143125.14892F-100000>