On Wed May 03 2000 at 13:53, "David Knaack" wrote:
> I would like to set up my RH6.1 box so that
> users can telnet to some port and get a change
> password prompt, without having to log in or
> anything. I think I can do this by setting up
> an entry in inetd.conf to give access to passwd,
> then close when its done, but I'm not sure how
> exactly that is done.
I've never tried this myself, but others have told me that it
works...
Run /usr/bin/passwd directly via /etc/inetd.conf on an unprivileged
port. If you set it up to run via /usr/sbin/tcpd then you can use
tcp_wrappers to control access to it. (There are probably some
details to be filled in here).
> I'd also like to hear any security concerns with
> doing this. I want to be able to have brain-dead
> users be able to easily change their passwords.
> I'm running a webserver already, so a web page and
> script to do this would be good too (and possably
> more secure/less likely to show up in a port scan?)
You could do this, yes. Probably the better way. You could run it
with SSL to secure it, perhaps using php or a perl cgi. Nifty little
project to get into :)
Cheers
Tony
-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
Tony Nugent <[EMAIL PROTECTED]> Systems Administrator, RHCE
GrowZone OnLine (a project of) GrowZone Development Network
POBox 475 Toowoomba Oueensland Australia 4350 Ph: 07 4637 8322
-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
