RE: [suse-security] Howto force an account to change its password at next logon?
# passwd --help Usage: passwd [-f|-g|-s|-k[-q]] [name] passwd [-n min] [-x max] [-w warn] [-i inact] user passwd {-l|-u|-d|-S[-a]|-e|-h} user passwd - change password information -f Change the finger (gecos) information -h Change the home directory -s Change the login shell -g Change the group password -k Change the password only if expired -q Try to be quiet -S Show the password attributes -a Only with -S, show for all accounts -d Delete the password for the named account -l Locks the password entry for "user" -u Try to unlock the password entry for "user" -e Force the user to change password at next login -n min Set minimum field for "user" -x max Set maximum field for "user" -w warn Set warn field for "user" -r service Use nameservice 'service' --help Give this help list --usage Give a short usage message --version Print program version Valid services for -r are: files, nis, nisplus, ldap I believe that "passwd -e " would be the best way to do this. Although not a GUI solution, how much more simple can it get. -----Original Message----- From: Daniel Wirth [mailto:dw@wirthuell.de] Sent: Thursday, January 27, 2005 9:34 AM To: suse-security@suse.com Subject: [suse-security] Howto force an account to change its password at next logon? Dear list, we try to implement an operator proof solution to force a user to change his password at the next logon. The only way we found is: - manually alter the password creation date in /etc/shadow to a date in the past - set an coresponding password expiration period (so that the password has already expired) Do you know any nice GUI-tools to set the password creation date in /etc/shadow? Or is there any easier way to implement this? Thanks in advance Daniel -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Thanks Tod, I must have missed that one. Regards Daniel Ness, Todd schrieb:
# passwd --help Usage: passwd [-f|-g|-s|-k[-q]] [name] passwd [-n min] [-x max] [-w warn] [-i inact] user passwd {-l|-u|-d|-S[-a]|-e|-h} user passwd - change password information
-f Change the finger (gecos) information -h Change the home directory -s Change the login shell -g Change the group password -k Change the password only if expired -q Try to be quiet -S Show the password attributes -a Only with -S, show for all accounts -d Delete the password for the named account -l Locks the password entry for "user" -u Try to unlock the password entry for "user" -e Force the user to change password at next login -n min Set minimum field for "user" -x max Set maximum field for "user" -w warn Set warn field for "user" -r service Use nameservice 'service' --help Give this help list --usage Give a short usage message --version Print program version Valid services for -r are: files, nis, nisplus, ldap
I believe that "passwd -e " would be the best way to do this. Although not a GUI solution, how much more simple can it get.
-----Original Message----- From: Daniel Wirth [mailto:dw@wirthuell.de] Sent: Thursday, January 27, 2005 9:34 AM To: suse-security@suse.com Subject: [suse-security] Howto force an account to change its password at next logon?
Dear list,
we try to implement an operator proof solution to force a user to change his password at the next logon.
The only way we found is: - manually alter the password creation date in /etc/shadow to a date in the past - set an coresponding password expiration period (so that the password has already expired)
Do you know any nice GUI-tools to set the password creation date in /etc/shadow? Or is there any easier way to implement this?
Thanks in advance Daniel
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
participants (2)
-
Daniel Wirth -
Ness, Todd