tags:

views:

396

answers:

5
+3  Q: 

What is the best way to change a user-password remotely in Unix?

What is the best way to change a user-password remotely in Unix? This must be performed by the user, in a Web-app or Windows-App, without using SSH or any direct connection between the user and the server (direct command line not allowed).

Thanks

+5  A: 

Use Webmin (more specifically the UserMin module).

Webmin provides a mini webserver, so you just need to install and configure it slightly. You'll get a lot more than just password-changing, and you can remove functionality you don't want the user to have.

gbjbaanb  2008-09-30 10:10:20
A: 

You could write a server side script that ran passwd, you could do that in any language that allows shell commands to be run.

Rich Bradshaw  2008-09-30 10:11:35
If you write a script to run passwd on the remote host, you might as well just execute passwd on it: you're not addressing the "remote" issue. Furthermore, exposing a script like you're proposing via some other service (say HTTPS) seems like a security risk.
antik  2008-10-02 12:00:51
Any server side scripting language that will also work with Apache would work for this and isn't any more of a security risk than Webmin if coded correctly.PHP, Ruby, Perl
Simurr  2008-10-02 15:45:03
+1  A: 

@Rich Bradshaw

Just make sure you don't introduce security issues. The solution should use https encryption (the password should be never sent in clear text). It should be protected against shell injection attacks (strip any newlines from input, escape it properly etc). More details depend on choosen implementation.

phjr  2008-09-30 10:32:54
A: 

Webmin seemed to be a good application to do that, but I found it extremely hard to configure it right. My Unix users are unable to login to Webmin or Usermin.

Do you know any other alternatives to Webmin and Usermin?

Thanks

Armadillo  2008-10-02 10:58:04
+1  A: 

I've done this in the past to change passwords on several servers at once by using a script written in Expect. It's perfect for the job but you will need the servers to be listening via SSH.

Once written, the script will execute on your local workstation and will connect to the remote host, do the interaction you've scripted, and then you should be gold. All the while, using the encryption you're already trusting if you're running SSH. Just don't save the passwords in your script: you should be able to prompt yourself for them (even taking them by command line argument is generally considered poor practice.)

Expect is a great language too: lots of fun!

antik  2008-10-02 11:02:02

related questions

Obscuring network proxy password in plain text files on Linux/UNIX-likes
Why doesn't **find** find anything?
Getting stack traces on Unix systems, automatically
Differences between unix and windows files
How do you do a case insensitive search using a pattern modifier using less ?
Using Visual Studio to develop for C++ for Unix
How do I generate ASCII codes 2 and 3 in a Bash command line?
What's in your .procmailrc
Allow user to set up an SSH tunnel, but nothing else
What is PHP Safe Mode GID?
How to avoid redefining VERSION, PACKAGE, etc.
How can I encode xml files to xfdl (base64-gzip)?
Faster way to find duplicates conditioned by time
Date arithmetic in Unix shell scripts
Using Xming X Window Server over a VPN
Windows Equivalent of 'nice'
How do I configure and communicate with a serial port?
Choosing a static code analysis tool
What should a longtime Windows user know when starting to use Linux?
How do I use (n)curses in Ruby?
Process size on UNIX
Getting root permissions on a file inside of vi?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
Fastest way to get value of pi