I am looking for ways to expire the passwords on my systems. However, since there are many users that use the systems without logging in to the shell, the shadow aging mechanism won't cut it. Apart from that, it's quite crap anyway. I already have a means to change the password through a web interface, so now what I need is a better aging mechanism and a notification mechanism. I would like to be able to have users change the password every 90 days, but not before the password is 7 days old. Moreover, the current password cannot be the same as the previous xx ones (13 would be appropriate here). Two weeks before the password expires, the users is supposed to start geting a daily mail reminding her of that fact. Is this all possible, or am I stuck with the shadow aging mechanism (which lies about the -I option to chage, or I didn't understand it), and will have to write a custom notification script that parses /ec/shadow? Thanks, -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Keyserver problems? http://keyserver.kjsl.com/~jharris/keyserver.html Get my key here: http://people.debian.org/~madduck/gpg/330c4a75.asc
Attachment:
pgpAXVXjjvJx4.pgp
Description: PGP signature