Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Password Changer
« previous next »
Pages: [1]   Go Down

Password Changer

  • 7 Replies
  • 912 Views

Jorge

Password Changer
« on: March 30, 2000, 12:42:20 AM »
Has anyone made a script for allowing users to change there passwords? Basically all i am looking for is a form with three field, username, password and confirm. Anyone done this or know were I can get it so I don't have to write my own :)
Logged

Kim Morrison

RE: Password Changer
« Reply #1 on: March 30, 2000, 12:50:39 AM »
Hi Jorge,

Thanks for the post.  Actually, user's can already change their password. (See page 42 of the version 3.1 manual.)  From their desktop, have them visit the www.your-webserver-name.com/e-smith-password

- Kim
Logged

Mike Stoddart

RE: Password Changer
« Reply #2 on: March 30, 2000, 01:14:21 AM »
How about changing passwords from outside of the network? i.e. over the internet. Is this possible/safe?

Thanks
Logged

Jorge

RE: Password Changer
« Reply #3 on: March 30, 2000, 03:28:32 AM »
Hi, the http://www.myserver.com/e-smith-password doesn't seem to work. I am using 4.0b6 could this be the reason. I was hoping that users could do the outside the LAN though? Is this possible?
Logged

cryblood

RE: Password Changer
« Reply #4 on: March 30, 2000, 05:44:21 AM »
Trust me, you don't want them to be able to change their passwords from the internet.  WWAAAYYY to insecure. hackable hackable yess yess hackable hackable...
Logged

Jorge

RE: Password Changer
« Reply #5 on: March 30, 2000, 08:13:45 AM »
cryblood wrote:

>
> Trust me, you don't want them to be able to change their
> passwords from the internet.  WWAAAYYY to insecure. hackable
> hackable yess yess hackable hackable...

What happens if I put it in a https area? Would that be okay?
Logged

Charlie Brady

RE: Password Changer
« Reply #6 on: March 30, 2000, 12:05:36 PM »
Jorge wrote:

> cryblood wrote:
>
> > Trust me, you don't want them to be able to change
> > their  passwords from the internet.  WWAAAYYY to insecure.
> > hackable hackable yess yess hackable hackable...
>
> What happens if I put it in a https area? Would that be okay?

Yes, that would be OK. However, I haven't yet seen anybody
publish a set of upgrades to add an SSL web server to the e-smith server. So where are you going to get a https area?

Another alternative is to install openssh (see http://e-smith.gormand.com.au for RPMs) and use ssh to log onto the server, then use "lynx http://localhost/e-smith-password" to
access the web form.

That's not that easy either, but the e-smith server/gateway is not really designed to be accessed by users from the Internet side - the users are expected to spend their time on the LAN side.

Regards

Charlie
Logged

Jorge

RE: Password Changer
« Reply #7 on: March 30, 2000, 07:41:10 PM »
> Yes, that would be OK. However, I haven't yet seen anybody
> publish a set of upgrades to add an SSL web server to the
> e-smith server. So where are you going to get a https area?

Looks like it is experiment time. modssl.org has some good writeups on how to do this. I will give it a try and get back to you.

> Another alternative is to install openssh (see
> http://e-smith.gormand.com.au for RPMs) and use ssh to log onto
> the server, then use "lynx
> http://localhost/e-smith-password" to access the web form.

That is a good idea, but then users have to download an ssh terminal program. And it can be confusing for someone that has barely used a computer, going straight to a unix command prompt system.

---{Jorge}---
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Password Changer