Re: Password Change Machine
>>>>> "Damian" == Damian Menscher <menscher@uiuc.edu> writes:
Damian> My suggestion follows: One possibility is to take
Damian> advantage of NIS. On the server machine you have a second
Or openldap. Although, LDAP is (IMHO) currently harder to configure,
especially if you not use to LDAP. However, I am under the impression
that LDAP will be more "future compatible" (what ever that means).
For instance:
Damian> password file (passwd.nis or something) that is a "normal"
Damian> password file. In the file /etc/passwd you have the lines
Damian> root:0:0::/:/bin/bash +:0:0:::/bin/yppasswd
Damian> and set the machine to get passwords from this NIS map (do
Damian> a man on nsswitch.conf). In this way, you can have your
Damian> cronjob scp the passwd.nis file around, but transparently
Damian> substitute in this alternate shell when the users come in.
I am not sure if this is possible with LDAP, or what alternative you
should/would use.
Then again, with something like NIS or openldap you may not even need a
password change computer, but I don't understand your requirements, so
don't take my word for it.
The only other downside to NIS or openldap compared with the setup you
already use, depends on if you copy passwords over an encrypted
connection or not, and what software you use for NIS or openldap.
--
Brian May <bam@debian.org>
Reply to: