GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  COURIERPASSD (8)

NAME

courierpassd - change passwords from across the network using the Courier authentication library

CONTENTS

SYNOPSIS

courierpassd [-hV] [-s SERVICE] [--stderr]

courierpassd -s, --service SERVICE

courierpassd --stderr

courierpassd -h, --help

courierpassd -V, --version

DESCRIPTION

courierpassd allows users to change their passwords from remote locations using the Courier authentication library. Usernames can be up to 64 characters long while passwords can be up to 128 characters long.

courierpassd uses the poppassd protocol for obtaining authentication tokens from the network. courierpassd is intended to be run from a super-server such as tcpserver or xinetd.

The service specified by the -s switch will depend on the particular authentication modules installed. Often ’login’ will be appropriate but other possibilities include ’imap’ and ’pop3’. This value defaults to ’login’. See the Courier documentation for a further explanation of this switch.

The minimum uid that courierpassd will attempt to change a password for can be set at compile time using the configure option --with-minuid. courierpassd will refuse to change the password of a user whose uid is below this value. The default value is 100. This value should never be set to 0 as this would allow root’s password to be changed from a remote location.

A second configure option, --with-badpassdelay, can be used to set the delay in seconds that courierpassd sleeps after an unsuccessful password change attempt. This feature is designed to make brute force attacks against passwords harder to perform. The default value is 3.

LOGGING

Logging is done to syslog by default or to stderr if the --stderrswitchisused. courierpassd logs all password change attempts whether they are successful or not.

courierpassd does certain checks on command line arguments so it is important to put --stderrfirstintheargumentlistifitistobeused in order for these checks to be logged properly.

EXAMPLE CLIENT-SERVER CONVERSATION

All messages passed between server and client are text based allowing a client session to be easily mimicked with telnet. Using telnet, changing a user’s password would look like this:

        Connected to localhost.localdomain (127.0.0.1).
        Escape character is ’^]’.
        200 courierpassd 1.1.2 hello, who are you?\r\n
        user <username>\r\n
        200 Your password please.\r\n
        pass <current password>
        200 Your new password please.\r\n
        newpass <new password>\r\n
        200 Password changed, thank-you.\r\n
        quit\r\n
        200 Bye.\r\n
        Connection closed by foreign host.

BUGS

If you’ve found a bug in courierpassd, please report it to freeware@arda.homeunix.net

SEE ALSO

http://www.courier-mta.org/authlib/

http://echelon.pl/pubs/poppassd.html

AUTHOR

courierpassd was written by Andrew St. Jean

Courier authentication library was written by Sam Varshavchik

poppassd was written by Pawel Krawczyk based on an ealier version written by John Norstad, Roy Smith and Daniel L. Leavitt

Search for    or go to Top of page |  Section 8 |  Main Index


GNU/Linux COURIERPASSD (8) 20 Jan 2005

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.