Hi, I have a SuSE9 NIS master server and SuSE9 NIS clients. Changing passwords works in the way that a user types 'passwd' and enters his old passwd and the new password twice. What is the problem now is that I want to be able to set/change a user's password as root without knowing the user's password. This is a common task if a user has forgotten his password, for example. Now, how do I setup the master to do so? Doing (as root) on the NIS master 'passwd john', I get the response Changing password for john. Old Password: which is exactly what I do NOT want. It does not help feeding root's password in there, and since I do not know the user's password, I am unable to change the password. Any help? Thanks in advance, Dominik. --
On Tuesday 13 April 2004 09:59, Dominik Epple wrote:
Hi,
I have a SuSE9 NIS master server and SuSE9 NIS clients.
Changing passwords works in the way that a user types 'passwd' and enters his old passwd and the new password twice.
What is the problem now is that I want to be able to set/change a user's password as root without knowing the user's password. This is a common task if a user has forgotten his password, for example.
Now, how do I setup the master to do so? Doing (as root) on the NIS master 'passwd john', I get the response
Changing password for john. Old Password:
which is exactly what I do NOT want. It does not help feeding root's password in there, and since I do not know the user's password, I am unable to change the password.
Any help?
Thanks in advance,
Dominik. --
As root it should look like this: passwd john Changing password for john. New password: Does john have his account on the master server?
steve-ss wrote: <snip>
Changing password for john. Old Password:
which is exactly what I do NOT want. It does not help feeding root's password in there, and since I do not know the user's password, I am unable to change the password.
Any help?
Thanks in advance,
Dominik. --
As root it should look like this:
passwd john Changing password for john. New password:
Does john have his account on the master server?
yppasswd is the command for changing NIS passwords. I've been using webmin though. It can be set up to change information in other modules. This means when I change a users password, it gets changed in etc, NIS, and samba all at once. -- Louis D. Richards LDR Interactive Technologies
On Tuesday 13 April 2004 16:19, Louis Richards wrote:
steve-ss wrote:
<snip>
Changing password for john. Old Password:
which is exactly what I do NOT want. It does not help feeding root's password in there, and since I do not know the user's password, I am unable to change the password.
Any help?
Thanks in advance,
Dominik. --
As root it should look like this:
passwd john Changing password for john. New password:
Does john have his account on the master server?
yppasswd is the command for changing NIS passwords.
but SuSE 9.0 gives this: steve@sbs2:~> yppasswd steve yppasswd is deprecated, use /usr/bin/passwd instead Changing password for steve. Old Password:
On Tue, Apr 13, 2004 at 11:19:56AM -0400, Louis Richards wrote:
steve-ss wrote:
<snip>
Changing password for john. Old Password:
which is exactly what I do NOT want. It does not help feeding root's password in there, and since I do not know the user's password, I am unable to change the password.
Any help?
Thanks in advance,
Dominik. --
As root it should look like this:
passwd john Changing password for john. New password:
Yes, it SHOULD, but it DOES not.
Does john have his account on the master server?
Yes.
yppasswd is the command for changing NIS passwords.
If you invoke yppasswd instead of passwd you get # yppasswd john yppasswd is deprecated, use /usr/bin/passwd instead Changing password for john. Old Password: The behaviour of yppasswd is the same as passwd.
I've been using webmin though. It can be set up to change information in other modules. This means when I change a users password, it gets changed in etc, NIS, and samba all at once.
I want (need) a console tool which I can use without X, web browser and stuff. Regards, Dominik.
On Wed, Apr 14, Dominik Epple wrote:
On Tue, Apr 13, 2004 at 11:19:56AM -0400, Louis Richards wrote:
steve-ss wrote:
<snip>
Changing password for john. Old Password:
which is exactly what I do NOT want. It does not help feeding root's password in there, and since I do not know the user's password, I am unable to change the password.
Any help?
Thanks in advance,
Dominik. --
As root it should look like this:
passwd john Changing password for john. New password:
Yes, it SHOULD, but it DOES not.
No, it should NOT. This is stupid. Think twice about this. If you trust root for chaning NIS passwords, everybody can change the NIS password of every user without knowing the old one. In this case, you don't need passwords anymore. If you have luck, you can use the root password instead of the old password of the user. But in this case you should change your root password, too, because it was send in _clear_ text over the network. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE Linux AG Maxfeldstr. 5 D-90409 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
On Wed, Apr 14, 2004 at 03:25:33PM +0200, Thorsten Kukuk wrote:
As root it should look like this:
passwd john Changing password for john. New password:
Yes, it SHOULD, but it DOES not.
No, it should NOT. This is stupid. Think twice about this. If you trust root for chaning NIS passwords, everybody can change the NIS password of every user without knowing the old one. In this case, you don't need passwords anymore.
If you have luck, you can use the root password instead of the old password of the user. But in this case you should change your root password, too, because it was send in _clear_ text over the network.
This applies also to the passwords users type when changing their own password. One could overcome this problem by changing user's passwords as root only when logged in (for example via ssh) on the NIS master server. Then the mechanism would rely either on proper authentication of root on the NIS server (if a bad guy is root on the NIS master server we have a problem anyway) or force root on the NIS server to re-authenticate (would perhaps give a bit of extra security without sending the password in cleartext over the network). It is important to understand that I (and I bet, not just me, but a lot of other people) NEED to be able to change as root a user passwords without knowing the old user password. What I do now is change as root a local password and cut-and-paste the encrypted password into the source of the yp files. Not very convenient. So is the answer to my question that the desired functionality is removed on purpose for the sake of security? Shouldn't a software vendor let me decide what is a security problem and what not? What I need as feature and with which security risks I can live? Regards, Dominik.
On Wed, Apr 14, Dominik Epple wrote:
On Wed, Apr 14, 2004 at 03:25:33PM +0200, Thorsten Kukuk wrote:
As root it should look like this:
passwd john Changing password for john. New password:
Yes, it SHOULD, but it DOES not.
No, it should NOT. This is stupid. Think twice about this. If you trust root for chaning NIS passwords, everybody can change the NIS password of every user without knowing the old one. In this case, you don't need passwords anymore.
If you have luck, you can use the root password instead of the old password of the user. But in this case you should change your root password, too, because it was send in _clear_ text over the network.
This applies also to the passwords users type when changing their own password.
Correct. One reason why I have implemented rpasswdd/rpasswd.
One could overcome this problem by changing user's passwords as root only when logged in (for example via ssh) on the NIS master server. Then the mechanism would rely either on proper authentication of root on the NIS server (if a bad guy is root on the NIS master server we have a problem anyway) or force root on the NIS server to re-authenticate (would perhaps give a bit of extra security without sending the password in cleartext over the network).
It is important to understand that I (and I bet, not just me, but a lot of other people) NEED to be able to change as root a user passwords without knowing the old user password.
Yes, and if you change the password in the souces for the NIS maps as root and rebuilds the maps, this works fine. How to do this depends on your NIS server configuration.
So is the answer to my question that the desired functionality is removed on purpose for the sake of security?
The functionality _never_ exist. There was nothing removed. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE Linux AG Maxfeldstr. 5 D-90409 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
On Wednesday 14 April 2004 14:25, Thorsten Kukuk wrote:
On Wed, Apr 14, Dominik Epple wrote:
On Tue, Apr 13, 2004 at 11:19:56AM -0400, Louis Richards wrote:
steve-ss wrote:
<snip>
Changing password for john. Old Password:
which is exactly what I do NOT want. It does not help feeding root's password in there, and since I do not know the user's password, I am unable to change the password.
Any help?
Thanks in advance,
Dominik. --
As root it should look like this:
passwd john Changing password for john. New password:
Yes, it SHOULD, but it DOES not.
No, it should NOT. This is stupid. Think twice about this. If you trust root for chaning NIS passwords, everybody can change the NIS password of every user without knowing the old one. In this case, you don't need passwords anymore.
Sorry if I'm being thick today but if root can't change passwords then who can? Everyone else gets asked for the old password first. If you don't know it then you can't change it. . .?
On Wed, Apr 14, steve-ss wrote:
On Wednesday 14 April 2004 14:25, Thorsten Kukuk wrote:
On Wed, Apr 14, Dominik Epple wrote:
On Tue, Apr 13, 2004 at 11:19:56AM -0400, Louis Richards wrote:
steve-ss wrote:
<snip>
Changing password for john. Old Password:
which is exactly what I do NOT want. It does not help feeding root's password in there, and since I do not know the user's password, I am unable to change the password.
Any help?
Thanks in advance,
Dominik. --
As root it should look like this:
passwd john Changing password for john. New password:
Yes, it SHOULD, but it DOES not.
No, it should NOT. This is stupid. Think twice about this. If you trust root for chaning NIS passwords, everybody can change the NIS password of every user without knowing the old one. In this case, you don't need passwords anymore.
Sorry if I'm being thick today but if root can't change passwords then who can? Everyone else gets asked for the old password first. If you don't know it then you can't change it. . .?
The NIS protocol allows only the user to change the password with NIS. Else root has to change it on the local machine without NIS and rebuild the maps. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE Linux AG Maxfeldstr. 5 D-90409 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
participants (4)
-
Dominik Epple -
Louis Richards -
steve-ss -
Thorsten Kukuk