[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] Change Password
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] Change Password |
Date: |
Fri, 23 Sep 2005 13:51:27 +0200 |
User-agent: |
Debian Thunderbird 1.0.2 (X11/20050331) |
Scott Ruckh wrote:
> How can you enable having users being able to change their passwords?
>
> I copied passwd to chroot'd bin directory. Copied over shared libraries
> listed from doing ldd on passwd command.
that will not work, passwords are stored in /etc/shadow, *outside* your
jail. So the password utility cannot access that file.
Issue 2 is that the passwd utility is setuid root, which is undesirable
in a jail.
b.t.w.: instead of ldd you could have used jk_cp to automatically copy
the shared libraries
John Gallagher recently suggested this:
-----------
The best way may be to have them create RSA Key pairs and not use
standard passwords. The key pair would never expire and they could
control it. I guess the key pair could be copied from another system so
we would not need to chroot openssl.
-----------
for more info see for example
http://www.zettai.net/Support/Howto/sshKeyHowto
http://sial.org/howto/openssh/publickey-auth/
regards,
Olivier Sessink