Re: Lost User Account Passwords

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tim Alberts <talberts <at> msiscales.com> writes:

> 
> I'm running apache on a FC3 linux box.  I'm trying to make user password
> control more available.  I know the passwd command to change user
> passwords.  My question is, if a user enters a password and they forget
> it, how can they get the password back out of the system without just
> re-entering a new one?  
> 
> Specifically, I'm using Linux-PAM with shadow passwords.  I don't want
> to give users root access.  I'm really trying to create a cgi/bash
> script that a user can enter their email address and it will email them
> there password.  Seems like a simple thing to do, but I haven't seen a
> command to retreive a current user password from Linux-PAM/shadow
> passwords.  I could use a MySQL database to keep track of this stuff,
> but I prefer to use the security that Linux already provides.  Plus,
> then I've got plain text passwords in a database or even if I encrypted
> them in the database, I have the passwords in two places and then
> there's the risk of them getting out of sink (however small a risk).
> 
IMHO it's never a good idea to dual post passwords. The passwd/shadow scenario
is a single pass one way encryption -- don't know of anyone that's cracked one
yet!!!
In my world if someone forgets the password, root resets and the user runs the
passwd command. New password!!!! Period!!!!
If you don't want root to have to intervene you may try to run a "sudo passwd 
one time only script" that allows the user to reset their own password, but it
should be done with the option to "change on first log in" and when the script
is finished the user is not left in root.......
Just my two pennies.....
cheers
goose







[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux