Re: one time passwords

From: Michael Vilain (vilain_at_spamcop.net)
Date: 08/05/03 

Date: Mon, 04 Aug 2003 22:28:06 -0700

In article <daFXa.47188$Vt6.17825@rwcrnsc52.ops.asp.att.net>,
 Lon Stowell <lon.stowell@comcast.net> wrote:

> "Michael Vilain " wrote:
>
> > In article <dfd17ef4.0308041801.1aebce28@posting.google.com>,
> > s99999999s2003@yahoo.com (mike) wrote:
> >
> >> how do i set up one time passwords for logins in solaris 8?
> >
> > I don't think you can. Closest I imaging is setting the account to
> > expire within a certain time period. They can login as many times as
> > they want until it expires. Don't know if they can still get in via ftp
> > if the account is expired as I never tried it.
> >
>
> It might help to know why the OP had some desire to do this for
> a normal user.
>
> With local files, could probably add a script, invoked by
> default login or such that grabs the line out of the
> shadow file and stomps on the password with something
> like "BeenHereOnce".
>

That script would have to run as root. I can see this working for local
files (good idea, btw!) but would be much harder on NIS or NIS+.

What about putting an expect script that changes the password via passwd
in the .login or .profile, leaving a $HOME/.BeenHereOnce file or
something. You could run the expect script in such a way as to capture
or throw away it's output. It would change the password to something
random or unknown to the user, thereby locking them out. 

-- 
DeeDee, don't press that button!  DeeDee!  NO!  Dee...

Relevant Pages

  • Re: Force password reset for administrator
    ... My script is in fact doing the same as yours. ... Is also required to set the password reset bit. ... logf.WriteLine(" Set administrator account to password changed after next ... expired, your code would configure so passwords no longer expire. ...
    (microsoft.public.scripting.vbscript)
  • Re: /etc/default/passwd and SSH
    ... SYNOPSIS: Description of "Password Aging" ... The warn field is the number of days of warning the user gets on login ... the expire field perform very distinct functions that are in no way related. ... The account should be disabled after a week so that it can not ...
    (Focus-SUN)
  • Re: problem with login
    ... login session" after I create their account. ... If your script is using the mkuser command, ...
    (comp.unix.aix)
  • Re: PHP Protect and select script
    ... You first mentioned you don't want your visitors to create an account, ... You post the username/password to the receiving script where you redirect ... I invite people to login to my web site and give them a login name and ... Isn't there a simple script that can take care of the redirection? ...
    (alt.php)
  • Re: expired passwords
    ... To expire a password for a user and then try to log back in for that ... You must change your password now and login again! ... If password aging has been enabled for your account, ... you don't actually know if you typed an incorrect username or an incorrect password. ...
    (Fedora)