Manual Reference Pages - COURIERPASSD (8)
courierpassd - change passwords from across the network using
the Courier authentication library
courierpassd [-hV] [-s SERVICE] [--stderr]
courierpassd -s, --service SERVICE
courierpassd -h, --help
courierpassd -V, --version
courierpassd allows users to change their passwords from remote
locations using the Courier authentication library. Usernames can be
up to 64 characters long while passwords can be up to 128 characters
courierpassd uses the poppassd protocol for obtaining authentication
tokens from the network. courierpassd is intended to be run from a
super-server such as tcpserver or xinetd.
The service specified by the -s switch will depend on the particular
authentication modules installed. Often login will be appropriate
but other possibilities include imap and pop3. This value
defaults to login. See the Courier documentation for a further
explanation of this switch.
The minimum uid that courierpassd will attempt to change a password for
can be set at compile time using the configure option --with-minuid.
courierpassd will refuse to change the password of a user whose uid is
below this value. The default value is 100. This value should never be
set to 0 as this would allow roots password to be changed from a
A second configure option, --with-badpassdelay, can be used to set the
delay in seconds that courierpassd sleeps after an unsuccessful password
change attempt. This feature is designed to make brute force attacks
against passwords harder to perform. The default value is 3.
Logging is done to syslog by default or to stderr if the
courierpassd logs all password change attempts whether they are successful or not.
courierpassd does certain checks on command line arguments so it is important to put
--stderrfirstintheargumentlistifitistobeused in order for these checks to be logged properly.
EXAMPLE CLIENT-SERVER CONVERSATION
All messages passed between server and client are text based allowing
a client session to be easily mimicked with telnet. Using telnet,
changing a users password would look like this:
Connected to localhost.localdomain (127.0.0.1).
Escape character is ^].
200 courierpassd 1.1.2 hello, who are you?\r\n
200 Your password please.\r\n
pass <current password>
200 Your new password please.\r\n
newpass <new password>\r\n
200 Password changed, thank-you.\r\n
Connection closed by foreign host.
If youve found a bug in courierpassd, please report it to
courierpassd was written by Andrew St. Jean
Courier authentication library was written by Sam Varshavchik
poppassd was written by Pawel Krawczyk based on an ealier
version written by John Norstad, Roy Smith and Daniel L. Leavitt
|GNU/Linux ||COURIERPASSD (8) ||20 Jan 2005 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.