[5618] in Kerberos
Re: changing user passwords from scripts?
daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Aug 7 19:36:18 1995
To: jwb@wilbur.hhisland.com (Joe Beiter)
Cc: kerberos@MIT.EDU
In-Reply-To: Your message of "07 Aug 1995 14:26:26 EDT."
<405lsi$rpe@wilbur.hhisland.com>
Date: Mon, 07 Aug 1995 19:30:02 EDT
From: Sam Hartman <hartmans@MIT.EDU>
> Kerberos version: 4
> Platform: DEC Alpha osf/1 2.3
>
> I need to enable users to be able to change their passwords for both unix
> and kerberos in one shot. To do this I need a way for a script to be able
> to change a kerberos password.
A somewhat better option is to get a login client that allows
users to log in with their Kerberos password, disregarding the second
field of /etc/passwd. This allows users to have passwords longer than
eight characters, and stores the passwords only in a central, secure
location; if you do what you propose, you are getting virtually none
of the security benefits of Kerberos.
>
> Everything I've seen (kpasswd and kadmin..kdb_edit) all seem to be interactive.
> Is there a way to do this?
Well, you can look at the source to kpasswd and hack in the
source from passwd, or do the other way around; it depends on which is
easier. I don't know of any premade tools that do this.
