NIS expiration of passwords
Dear all,
I have a NIS server which shares a database of users between some computers (nodes exactly) and I would like that, on the first login, the user changes its password. So, on the NIS server I have made: chage -d 0 USER Then: # cd /var/yp # make On the NIS server I have: chage -l USER Last password change : password must be changed Password expires : password must be changed Password inactive : password must be changed Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7 I would believe this information is shared from the server to the other computers but here users still can connect (via SSH). If I try to get the information on the user connected I have: # chage -l USER user 'USER' does not exist in /etc/passwd This looks normal as there is no user there but then I do not know how to enable the expiration information through NIS. Do someone has an idea? Thanks, Fabien _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos |
NIS expiration of passwords
On Thu, Jun 28, 2012 at 7:23 AM, Fabien Archambault <
fabien.archambault@univ-amu.fr> wrote: > Dear all, > > I have a NIS server which shares a database of users between some > computers (nodes exactly) and I would like that, on the first login, > the user changes its password. > > So, on the NIS server I have made: chage -d 0 USER > Then: > # cd /var/yp > # make > > On the NIS server I have: > chage -l USER > Last password change : password > must be changed > Password expires : password > must be changed > Password inactive : password > must be changed > Account expires : never > Minimum number of days between password change : 0 > Maximum number of days between password change : 99999 > Number of days of warning before password expires : 7 > > > I would believe this information is shared from the server to the > other computers but here users still can connect (via SSH). If I try > to get the information on the user connected I have: > # chage -l USER > user 'USER' does not exist in /etc/passwd > > This looks normal as there is no user there but then I do not know how > to enable the expiration information through NIS. Do someone has an > idea? > > You can't. NIS on linux does not support password aging. > Thanks, > Fabien > _______________________________________________ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- -MichaelC _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos |
NIS expiration of passwords
On Jun 28, 2012, at 4:49 PM, Michael Coffman <michael.coffman@avagotech.com> wrote:
>> I would believe this information is shared from the server to the >> other computers but here users still can connect (via SSH). If I try >> to get the information on the user connected I have: >> # chage -l USER >> user 'USER' does not exist in /etc/passwd >> >> This looks normal as there is no user there but then I do not know how >> to enable the expiration information through NIS. Do someone has an >> idea? >> >> > You can't. NIS on linux does not support password aging. If your using NIS then I would use Kerberos for the users passwords to maintain security. If your using Kerberos then I believe password aging is handled on the Kerberos server. -Ross _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos |
| All times are GMT. The time now is 03:48 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.