HPE Community
Operating System - HP-UX
1834105 Members
2476 Online
110063 Solutions
New Discussion

Running passwd with rexec

 
SOLVED
Go to solution
Jeff Machols
Esteemed Contributor

‎12-11-2001 08:05 AM

‎12-11-2001 08:05 AM

Running passwd with rexec

Is it possible to run the passwd command with rexec? I am getting pam_chauthok: System error

I am assuming this has something to do with getlogname failing becase rexec doesn't put an entry in utmp. Any ideas?
0 Kudos
Reply
4 REPLIES 4
Jeff Machols
Esteemed Contributor

‎12-11-2001 08:22 AM

‎12-11-2001 08:22 AM

Re: Running passwd with rexec

also... I am running a trusted system
0 Kudos
Reply
G. Vrijhoeven
Honored Contributor

‎12-11-2001 01:30 PM

‎12-11-2001 01:30 PM

Re: Running passwd with rexec

Hi,

1. Why do you have .rhosts files on a trusted system?


you can use cryptpw to generate an encrypted passwd sting. copy it in the /etc/passwd file and save it.

this can be done with a simple script.

Hope this will help,

Gideon

0 Kudos
Reply
Scott Van Kalken
Esteemed Contributor

‎12-11-2001 01:45 PM

‎12-11-2001 01:45 PM

Re: Running passwd with rexec

With a trusted system you use the Pluggable Authentication Module (pam) as you're aware. You may be able to get around this by specifiying other libraries in /etc/pam_user.conf

You could for example, have a user set up to do the rexec (don't reccommend root) and have the auth details for that user specified in pam_user.conf to allow insertion of users into the password file.

If that makes sense.

man pam.conf for libraries, services and modules used.

man pam_user.conf for configuration of per user pam settings.

The pam_user.conf file will override the default pam.conf (system wide) for users specified in it.

I'm not sure how you'd do this, but I'm 100% sure it's possible.

Scott.

0 Kudos
Reply
Steven Gillard_2
Honored Contributor

‎12-12-2001 04:34 AM

‎12-12-2001 04:34 AM

Solution

Re: Running passwd with rexec

I get the same "System Error" when I try to run passwd through rexec, and I don't have a trusted system.

Looking at a syscall trace of the passwd command it appears that things go wrong after it gets a ENXIO (no such device or address) when attempting to open /dev/tty. This is expected since there is no controlling terminal associated with a process started by rexecd.

I guess this means you can't run the passwd command from rexec. You could try telnet as a workaround if you really need to do this:

{
sleep 1
echo
sleep 1
echo
sleep 1
echo "passwd"
sleep 1
echo
sleep 1
echo
sleep 1
echo
sleep 1
echo "logout"
} | telnet

NOTE: this telnet solution breaks with the current telnet patch. I'm told a fix is on its way.

Regards,
Steve
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.