Projects / Poppassd-ceti

Poppassd-ceti

Poppassd-ceti is a Qualcomm password changer daemon with PAM support and several other improvements. This program is intended to be a secure way to change system passwords via the Web. Methods that involve calling SUID programs directly from the Web are especially avoided. Poppassd strictly isolates the Web interface from actual password manipulations. The program contains no known security bugs that could be reported since it was released several years ago. This version uses PAM, which means you can do anything PAM can. Currently, there are PAM modules for almost all known authentication methods available.

Tags

RSS Recent releases

  •  02 Dec 2004 12:26

Release Notes: This release compiles correctly under gcc 3.3 (stdarg/vararg problem).

  •  19 Aug 2003 06:08

Release Notes: A bug in which PAM errors (like cracklib complaints) were not actually preventing the user from changing the password was fixed. Now, if cracklib reports a weak password, it won't be accepted. To return to the previous default behavior, remove cracklib from poppassd's PAM configuration.

  •  04 Jul 2003 00:25

    Release Notes: This version has changed the default PAM service name from "passwd" to "poppassd" and added some more cleanups to password and username length. Configuration hints were also added.

    •  05 Jun 2002 17:36

    Release Notes: Some cleanups in maximum username and password length checking, more verbose logging, and support for passwords with space inside.

    •  25 Mar 2002 16:01

    Release Notes: Cosmetic changes like updated documentation.

    RSS Recent comments

    01 Jun 2005 14:30 mrjones Thumbs up

    Re: Download RPM and SRPM from here
    Updated the .rpm for Centos4/RHEL4

    www.samera.net/rpm (www.samera.net/rpm/)

    10 May 2005 00:11 matthewgeier

    Re: poppassd and pam_cracklib (or passwdqc)

    > When using poppasswd-ceti (or other

    > poppassd) the password enforcement rules

    > normally seen are bypassed when using

    > poppassd.

    This isn't the case for me - in fact thats the only bit that does work - cracklib will reject 'bad' passwords, but at that point it segvs and I can't find why.

    So a user trying to use a bad password gets an error back, a user with a good password just has the connection close and from Horde it reports the password sucessfully changed when infact popasswd seg faulted instead of actually making the change.

    20 Apr 2005 11:05 jspellman

    poppassd and pam_cracklib (or passwdqc)
    When using poppasswd-ceti (or other poppassd) the password enforcement rules normally seen are bypassed when using poppassd. This is due to it being run as root. So, a single character change in a password is accepted, for example. This is probably well known, but I cannot find a work around.

    30 Mar 2005 11:54 mrjones Thumbs up

    Download RPM and SRPM from here
    Hi,

    I have build custom .rpm and src.rpm for poppassd
    since 2002 here:

    www.samera.net/rpm/ (www.samera.net/rpm/)

    Oliver

    13 Jan 2005 03:03 kravietz

    Recent vulnerability in poppassd_pam (GLSA 200501-22)
    On January 13. 2005 Gentoo released GLSA 200501-22 with description of vulnerability in poppassd_pam. Thanks to Tierry Carrez from Gentoo we clarified that this problem is NOT present in poppassd-ceti. The mentioned poppassd_pam is another project. If you are using poppassd-ceti from this page, you're safe.

    Screenshot

    Project Spotlight

    NAMI

    A node.js client for Asterisk Manager Interface.

    Screenshot

    Project Spotlight

    EFL

    Software that provides ready to use CFEngine policy.