I'm running apache on a FC3 linux box. I'm trying to make user password control more available. I know the passwd command to change user passwords. My question is, if a user enters a password and they forget it, how can they get the password back out of the system without just re-entering a new one? Specifically, I'm using Linux-PAM with shadow passwords. I don't want to give users root access. I'm really trying to create a cgi/bash script that a user can enter their email address and it will email them there password. Seems like a simple thing to do, but I haven't seen a command to retreive a current user password from Linux-PAM/shadow passwords. I could use a MySQL database to keep track of this stuff, but I prefer to use the security that Linux already provides. Plus, then I've got plain text passwords in a database or even if I encrypted them in the database, I have the passwords in two places and then there's the risk of them getting out of sink (however small a risk).
