LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 09-04-2009, 08:13 PM   #1
sudarsh
LQ Newbie
 
Registered: Sep 2009
Posts: 10

Rep: Reputation: 0
cannot change linux passwd from user mode


Hi

When I try to login (in user mode, say as user abcde) to a remote linux system using SSH, and the password has expired, am rompted to change password. However, I cannot change the same as "abcde", though I can change it from the root mode.
Can anybody help?
 
Old 09-05-2009, 02:21 AM   #2
JulianTosh
Member
 
Registered: Sep 2007
Location: Las Vegas, NV
Distribution: Fedora / CentOS
Posts: 674
Blog Entries: 3

Rep: Reputation: 90
What exactly do you need help with? It sounds like you are able to set it back with the root account. What else do you want to do? Turn off password history or expirations?
 
Old 09-05-2009, 03:26 AM   #3
vikas027
Senior Member
 
Registered: May 2007
Location: Sydney
Distribution: RHEL, CentOS, Ubuntu, Debian, OS X
Posts: 1,305

Rep: Reputation: 107Reputation: 107
Hi Sudarsh,

Could you please paste what error are you getting exactly.
 
Old 09-06-2009, 11:10 PM   #4
sudarsh
LQ Newbie
 
Registered: Sep 2009
Posts: 10

Original Poster
Rep: Reputation: 0
Hi

I would like to have it possible that the user "abcde" himself can change the password after it has expired.
 
Old 09-07-2009, 01:16 AM   #5
vikas027
Senior Member
 
Registered: May 2007
Location: Sydney
Distribution: RHEL, CentOS, Ubuntu, Debian, OS X
Posts: 1,305

Rep: Reputation: 107Reputation: 107
Lightbulb

Quote:
Originally Posted by sudarsh View Post
Hi

I would like to have it possible that the user "abcde" himself can change the password after it has expired.
You should not go against the rules of unix.

But yes, there is a tweak. You can give him sudo right to run this command
Code:
su - root -c "passwd abcde"
You can give this a try, get back if you face any problem.
 
Old 09-07-2009, 06:08 AM   #6
sudarsh
LQ Newbie
 
Registered: Sep 2009
Posts: 10

Original Poster
Rep: Reputation: 0
Hi Vikas,

Thank you for the response. Two things regarding this solution:

1> With this solution, still a "root" interference is needed in order to change abcde's own password. Do you not think, that, a user, even if (s)he is an ordinary user, should have the permission to change his/ her own password?

2> With the command "passwd -d abcde", the root can offer to altogather remove the option from asking "abcde" for a password from next login. Is this not more vulnerable than allowing an user to change his password?

Regards
Sudarshan
 
Old 09-07-2009, 11:00 AM   #7
vikas027
Senior Member
 
Registered: May 2007
Location: Sydney
Distribution: RHEL, CentOS, Ubuntu, Debian, OS X
Posts: 1,305

Rep: Reputation: 107Reputation: 107
Thumbs up

Quote:
Originally Posted by sudarsh View Post
1> With this solution, still a "root" interference is needed in order to change abcde's own password. Do you not think, that, a user, even if (s)he is an ordinary user, should have the permission to change his/ her own password?
NO, giving sudo rights means, we enable a user to run few commands decided by us as root.
root interference is NOT needed. You might need this to implement sudo rights


Quote:
Originally Posted by sudarsh View Post
2> With the command "passwd -d abcde", the root can offer to altogather remove the option from asking "abcde" for a password from next login. Is this not more vulnerable than allowing an user to change his password?
Dear, what you are saying is to have a password less user abcde. Do you think this is right ? Anyone, in you network can have access to this user and he would be delighted to have a password less access. If you are thinking to have a password less access, more suitable way is to implement ssh keys.

I would request you to give me you requirement, what exaclty are you looking :
1) A password less account
2) User can himself can change the password after it has expired (as mentioned in your earlier post).

Also, you can set abcde password as non-expiring. This password will never expire.
Code:
chage -d 99999 abcde

Last edited by vikas027; 09-07-2009 at 11:10 AM. Reason: Added few more lines, entered something wrong by mistake
 
Old 09-08-2009, 11:29 PM   #8
sudarsh
LQ Newbie
 
Registered: Sep 2009
Posts: 10

Original Poster
Rep: Reputation: 0
Hi Vikas,

First of all, thank you very much for the sudoers' and the ssh keys links.

About my requirement:
you are right, I dont need a password less user, I need a user who can change his password himself whenever it expires, without involving the root in anyway. At present, every 45 days, the passwd expires. So, whenever the user tries to login through ssh after passwd expiry, he is informed so, but he cannot change the password himself.

Actually, I have checked the chage -l option too, and the values are:
lab-139:~ # chage -l "abacde"
Minimum: 0
Maximum: 10000
Warning: -1
Inactive: -1
Last Change: Apr 22, 2008
Password Expires: Never
Password Inactive: Never
Account Expires: Never
lab-139:~ #

However, it doesnot take effect, possibly because we seem to be using a customized version of linux. I think this is the root of all the problem.


-Sudarshan
 
Old 09-09-2009, 04:01 AM   #9
vikas027
Senior Member
 
Registered: May 2007
Location: Sydney
Distribution: RHEL, CentOS, Ubuntu, Debian, OS X
Posts: 1,305

Rep: Reputation: 107Reputation: 107
Thumbs up su - root -c "passwd abcde"

Quote:
Originally Posted by sudarsh View Post
Hi Vikas,

First of all, thank you very much for the sudoers' and the ssh keys links.

About my requirement:
you are right, I dont need a password less user, I need a user who can change his password himself whenever it expires, without involving the root in anyway. At present, every 45 days, the passwd expires. So, whenever the user tries to login through ssh after passwd expiry, he is informed so, but he cannot change the password himself.

Actually, I have checked the chage -l option too, and the values are:
lab-139:~ # chage -l "abacde"
Minimum: 0
Maximum: 10000
Warning: -1
Inactive: -1
Last Change: Apr 22, 2008
Password Expires: Never
Password Inactive: Never
Account Expires: Never
lab-139:~ #

However, it doesnot take effect, possibly because we seem to be using a customized version of linux. I think this is the root of all the problem.


-Sudarshan
See, in any case it is not possible for a user to change his password after it expires.

BUT, what can be done is give him sudo rights so that he can change his pasword when while logging it starts giving him warning that his password is going to expire. As explained in earlier post, this command can be used.
Code:
su - root -c "passwd abcde"
This is the only solution I can think of.

Hope this helps and this thread closes here.
 
Old 09-09-2009, 09:45 PM   #10
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.10, Centos 7.5
Posts: 17,710

Rep: Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520
You need to enable the warning period, so that he starts getting warnings eg 5 days before expiry. Once its expired and he's logged out, obviously he cannot login again, that's the point of expiring a passwd.
See the -W switch http://linux.die.net/man/1/chage
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Not able to change passwd as normal user !!! Please help shads2k5 Linux - Server 4 10-26-2008 04:48 AM
how to configure when change a linux user password than automatic sync samba passwd. hocheetiong Linux - Newbie 1 08-25-2008 06:57 PM
change passwd problem against a user shipon_97 Linux - Newbie 1 09-16-2006 01:54 AM
user can change passwd kelper Linux - Software 3 08-28-2003 05:17 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:56 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration