debian man page for courierpassd

Debian Man Pages All Man Pages Latest Topics Forum Categories

Query: courierpassd

OS: debian

Section: 8

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

COURIERPASSD(8) 						  Authentication						   COURIERPASSD(8)


NAME

       courierpassd - change passwords from across the network using the Courier authentication library


SYNOPSIS

       courierpassd [-hV] [-s SERVICE] [--stderr]

       courierpassd -s, --service SERVICE

       courierpassd --stderr

       courierpassd -h, --help

       courierpassd -V, --version


DESCRIPTION

       courierpassd  allows users to change their passwords from remote locations using the Courier authentication library. Usernames can be up to
       64 characters long while passwords can be up to 128 characters long.

       courierpassd uses the poppassd protocol for obtaining authentication tokens from the network. courierpassd is intended to  be  run  from  a
       super-server such as tcpserver or xinetd.

       The  service  specified	by the -s switch will depend on the particular authentication modules installed. Often 'login' will be appropriate
       but other possibilities include 'imap' and 'pop3'. This value defaults to 'login'. See the Courier documentation for a further  explanation
       of this switch.

       The  minimum  uid  that	courierpassd  will  attempt to change a password for can be set at compile time using the configure option --with-
       minuid.	courierpassd will refuse to change the password of a user whose uid is below this value. The default  value  is  100.  This  value
       should never be set to 0 as this would allow root's password to be changed from a remote location.

       A  second  configure  option,  --with-badpassdelay,  can be used to set the delay in seconds that courierpassd sleeps after an unsuccessful
       password change attempt. This feature is designed to make brute force attacks against passwords harder to perform. The default value is 3.


LOGGING

       Logging is done to syslog by default or to stderr if the --stderr switch is used.  courierpassd logs all password change  attempts  whether
       they are successful or not.

       courierpassd  does  certain  checks  on command line arguments so it is important to put --stderr first in the argument list if it is to be
       used in order for these checks to be logged properly.

EXAMPLE CLIENT-SERVER CONVERSATION
       All messages passed between server and client are text based allowing a client session to be easily mimicked  with  telnet.  Using  telnet,
       changing a user's password would look like this:

	    Connected to localhost.localdomain (127.0.0.1).
	    Escape character is '^]'.
	    200 courierpassd 1.1.2 hello, who are you?

	    user <username>

	    200 Your password please.

	    pass <current password>
	    200 Your new password please.

	    newpass <new password>

	    200 Password changed, thank-you.

	    quit

	    200 Bye.

	    Connection closed by foreign host.


BUGS

       If you've found a bug in courierpassd, please report it to freeware@arda.homeunix.net


SEE ALSO

       http://www.courier-mta.org/authlib/

       http://echelon.pl/pubs/poppassd.html


AUTHOR

       courierpassd was written by Andrew St. Jean

       Courier authentication library was written by Sam Varshavchik

       poppassd was written by Pawel Krawczyk based on an ealier version written by John Norstad, Roy Smith and Daniel L. Leavitt


GNU
/Linux							    20 Jan 2005 						   COURIERPASSD(8)
Related Man Pages
pam_chauthtok(3pam) - opensolaris
courierpop3d(8) - debian
yppasswd(1) - hpux
pam_unix(5) - hpux
pam_pwcheck(8) - debian
Similar Topics in the Unix Linux Community
Changing Users Passwords Via Script?
how to configure ssh2 for not asking password when logging from remote