One easy way is to do this. Make their login shell /bin/rksh Make their login PATH /somepath and cp /usr/bin/passwd /somepath
You can take it a lot further, but this is an easy start. On Thu, Jun 14, 2012 at 06:01:14PM +0800, f5b wrote: > I have setup OpenSMTPD + dovecot + roundcube simple mail server. > People can ssh log in to the OpenBSD box, change their password using command > passwd, > the system account password is also the mail account password. > > So, for security reason, how to let the user can only run one command(passwd) > when they login? > or are there any other methods to let mail account user change their password > by themself easily? > > sshd_config ChrootDirectory not suit our needs. > > 1. administrator login OpenBSD box, adduser user. > 2. the user ssh log in OpenBSD box, run "passwd" to change their password > assign by administrator.
