Forcing new password at login (w/o requiring an old password) (sudo related)
From: Andrew Gideon (c182driver_at_gideon.org)
Date: 08/22/05
- Next message: Darren Dunham: "Re: Forcing new password at login (w/o requiring an old password) (sudo related)"
- Previous message: mdigiacomo_at_anteon.com: "Losing my LD_LIBRARY_PATH"
- Next in thread: Darren Dunham: "Re: Forcing new password at login (w/o requiring an old password) (sudo related)"
- Reply: Darren Dunham: "Re: Forcing new password at login (w/o requiring an old password) (sudo related)"
- Reply: Richard E. Silverman: "Re: Forcing new password at login (w/o requiring an old password) (sudo related)"
- Reply: Darren Tucker: "Re: Forcing new password at login (w/o requiring an old password) (sudo related)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 22 Aug 2005 13:28:15 -0400
Strictly speaking, this isn't an SSH problem. But SSH makes a technique
possible, and taking that technique a little further is stumping me.
With SSH, we can have someone create a keypair for their new account, send
us the public key, and they've the ability to log in. No passwords
exchanged, no security issues.
This works very nicely. However, I cannot take that next step of providing
sudo access to these users (assuming I want to avoid password-less sudo,
which I do {8^).
The solution I envision is, upon the first login (done via the key pair,
recall), the user is required to enter a password. This becomes the new
password, and is ultimately used for sudo's authentication.
How can I force the need to provide the password? Password aging-based
techniques get close, but I cannot quite get the entire way. I can warn,
but I cannot force (unless you include eventually locking the account as
"forcing" {8^).
Then there's the matter of getting the 'passwd' command to work w/o having
the previous password. If I set a blank password, this works. But while
the password is blank, the user can sudo w/o additional authentication even
if sudo is supposed to be prompting for a password. There may be other
consequences of a blank password that would be unfortunate.
I feel like there's some simple twist to this that I'm missing which would
make this all just fall into place. Can anyone suggest what I'm missing?
Thanks...
Andrew
P.S. One possibility I have considered is password-free access to
sudo only to change their own password. But I'd want them to be
able to do the password-free passwd only once, and this would
grant password-free passwd capability until that NOPASSWD entry
in sudoers were removed.
Besides, this just seems inelegant.
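As an added illustration (not part of the original message or its replies), the following script audits shadow(5)-style records for the account states the post raises: the blank-password state the author notes makes sudo's prompt meaningless, a locked password field (where key-based SSH login still works), and the aging-based states. It runs only on constructed sample lines; it does not read the real /etc/shadow. The "last-change day 0 forces a change at next login" rule is an assumption that this is a Linux shadow-utils system (the post does not name the OS), and the hashes and the TODAY value are constructed placeholders.

```python
"""Audit shadow(5)-style records for the account states raised in the post.

Added example, not code from the original message. It parses constructed
sample lines only; nothing on the real system is read. Field layout assumed
from shadow(5): name:hash:lastchg:min:max:warn:inactive:expire:reserved,
with lastchg counted in days since 1970-01-01.
"""
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed sample records. The hashes are placeholders, not real digests.
SAMPLE_SHADOW = """\
root:$6$placeholder$placeholderhash:12000:0:99999:7:::
newhire::13000:0:99999:7:::
keyonly:!!:13000:0:99999:7:::
mustchange:$6$placeholder$placeholderhash:0:0:99999:7:::
stale:$6$placeholder$placeholderhash:12000:0:90:7:::
"""

# Constructed "today" in days since the epoch (roughly the date of the post).
TODAY = 13017


@dataclass
class Finding:
    user: str
    state: str   # blank-password | locked | must-change | expired | ok
    note: str


def _int_or_none(field: str) -> Optional[int]:
    """Aging fields may be empty, which means 'not set'."""
    return int(field) if field.strip() else None


def classify(line: str, today: int = TODAY) -> Optional[Finding]:
    """Classify one shadow record; returns None for malformed or empty lines."""
    fields = line.rstrip("\n").split(":")
    if len(fields) < 5 or not fields[0]:
        return None
    user, pw_hash, lastchg_s, _min_days, max_s = fields[:5]

    # The state the post warns about: an empty hash means no password is
    # required, so a sudo password prompt is no barrier at all.
    if pw_hash == "":
        return Finding(user, "blank-password",
                       "empty password field; sudo prompt gives no protection")

    # A leading '!' or '*' disables password authentication; a key in
    # authorized_keys still lets the account log in over SSH.
    if pw_hash.startswith(("!", "*")):
        return Finding(user, "locked",
                       "password auth disabled; key-based SSH login unaffected")

    lastchg = _int_or_none(lastchg_s)
    # Assumption (Linux shadow-utils): lastchg == 0 means the password must
    # be changed at the next login, which is what `chage -d 0 user` sets.
    if lastchg == 0:
        return Finding(user, "must-change",
                       "last-change day is 0; change required at next login")

    max_days = _int_or_none(max_s)
    if lastchg is not None and max_days is not None and lastchg + max_days < today:
        return Finding(user, "expired",
                       f"password older than {max_days} days; change required")

    return Finding(user, "ok", "password set and within aging limits")


def audit(shadow_text: str, today: int = TODAY) -> Dict[str, str]:
    """Map each user to its state, for use in a periodic check."""
    results: Dict[str, str] = {}
    for line in shadow_text.splitlines():
        f = classify(line, today)
        if f is not None:
            results[f.user] = f.state
    return results


if __name__ == "__main__":
    for entry in SAMPLE_SHADOW.splitlines():
        found = classify(entry)
        if found is not None:
            print(f"{found.user:12} {found.state:15} {found.note}")
```

Run against the sample, the blank-password finding for "newhire" is the condition the post describes, and the must-change finding for "mustchange" is the state a forced first-login change would leave behind on a shadow-utils system; on a real host the same check would be fed the contents of /etc/shadow by a privileged cron job rather than the embedded sample.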