Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] one-time passwords
  • From: Yuri Robbers <yuri@xxxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 9 Aug 2000 22:17:39 +0200 (MEST)
  • Message-id: <Pine.LNX.4.21.0008092213190.8604-100000@xxxxxxxxxxxxxxxxxxxx>

Hi!

On Wed, 9 Aug 2000, Jan Trippler wrote:

> On Mit, Aug 09, 2000 at 09:05:17 +0200, Yuri Robbers wrote:
> >
> > What I need is a password that can be used only for the _first_ ever login
> > of a user. After logging in the user would be presented with a query for a
> > new password, which is henceforth used in the normal way (the expiries and
> > stuff for this are already in place and working).
> >
> > I hope my question is clearer now :o)
>
> Yes, indeed :-)
>
> An idea (untested):
> Create the user with your one way password and change the third
> field in the /etc/shadow (days since Jan 1, 1970 that password was
> last changed) in a way, that the password is expired. Then the user
> is forced to change this password at his next login.
>
> I performed a little test: It works but you have to check the seventh
> field in /etc/shadow. The password must be expired but the account
> has to be valid.

Hmm... sounds good too.... I'll play around with it.

> Jan
>
> I hope you understood my english ;-)

no problem at all!

Cheers!

Yuri.

--------------------------------------------------------------------------
drs. Yuri Robbers phone : +31-71-527-4966
Leiden University fax : +31-71-527-4900
Institute for Theoretical Biology email : robbers@xxxxxxxxxxxxxxxxxxxx
Kaiserstraat 63
2311 GP Leiden PGP 5.0 public key available:
the Netherlands Check your favourite hkp server.
--------------------------------------------------------------------------



< Previous Next >
References