On Mit, Aug 09, 2000 at 09:05:17 +0200, Yuri Robbers wrote:
What I need is a password that can be used only for the _first_ ever login of a user. After logging in the user would be presented with a query for a new password, which is henceforth used in the normal way (the expiries and stuff for this are already in place and working).
I hope my question is clearer now :o)
Yes, indeed :-) An idea (untested): Create the user with your one way password and change the third field in the /etc/shadow (days since Jan 1, 1970 that password was last changed) in a way, that the password is expired. Then the user is forced to change this password at his next login. I performed a little test: It works but you have to check the seventh field in /etc/shadow. The password must be expired but the account has to be valid. Jan I hope you understood my english ;-)