Projects / Poppassd-ceti / Comments

Comments for Poppassd-ceti

01 Jun 2005 14:30 mrjones

Re: Download RPM and SRPM from here
Updated the .rpm for Centos4/RHEL4

www.samera.net/rpm (http://www.samera.net/rpm/)

10 May 2005 00:11 matthewgeier

Re: poppassd and pam_cracklib (or passwdqc)


> When using poppasswd-ceti (or other

> poppassd) the password enforcement rules

> normally seen are bypassed when using

> poppassd.

This isn't the case for me - in fact thats the only bit that does work - cracklib will reject 'bad' passwords, but at that point it segvs and I can't find why.

So a user trying to use a bad password gets an error back, a user with a good password just has the connection close and from Horde it reports the password sucessfully changed when infact popasswd seg faulted instead of actually making the change.

20 Apr 2005 11:05 jspellman

poppassd and pam_cracklib (or passwdqc)
When using poppasswd-ceti (or other poppassd) the password enforcement rules normally seen are bypassed when using poppassd. This is due to it being run as root. So, a single character change in a password is accepted, for example. This is probably well known, but I cannot find a work around.

30 Mar 2005 11:54 mrjones

Download RPM and SRPM from here
Hi,

I have build custom .rpm and src.rpm for poppassd
since 2002 here:

http://www.samera.net/rpm/ (http://www.samera.net/rpm/)


Oliver

13 Jan 2005 03:03 kravietz

Recent vulnerability in poppassd_pam (GLSA 200501-22)
On January 13. 2005 Gentoo released GLSA 200501-22 with description of vulnerability in poppassd_pam. Thanks to Tierry Carrez from Gentoo we clarified that this problem is NOT present in poppassd-ceti. The mentioned poppassd_pam is another project. If you are using poppassd-ceti from this page, you're safe.

21 Apr 2004 20:52 wangcindy

Where I can get a Poppassd client for my Linux email server?
I wish to add the password change function to my email server.

I have successfully downloaded Poppassd -1.8.4 to my linux email server which using SquirrelMail.

But encounter a problem of installing a poppassd client in my email server, I can not ftp to the point of ftp://ftp.ceti.pl/pub/linux

Where I can get a Poppassd client for my Linux email server?

Thank you very much!

06 Apr 2004 16:16 clarus_dogcow

my bad
seems as tho the version of poppasswd i used is forked into the qpopper branch. this version of poppasswd isn't happy with netbsd-sparc. my bad for the misspost. i assume it will be removed at some point

06 Apr 2004 15:58 clarus_dogcow

fix for what may be an unusual scenario
hey there,

i run netbsd-sparc as my mailserver. it's running sendmail, qpopper, and imap. to have roaming auth for my users i setup kerberos and cyrus sasl to let them send mail from any location so long as they're authenticated. this however managed to munge my webmail client's ( horde's IMP ) ability to use poppassd when changing a user's password.

i also wasn't able to connect via telnet ( which is all IMP does anyway )

-bash-2.05b$ telnet motoko 106

Trying 10.0.1.5...

Connected to motoko.xmsn.net.

Escape character is '^]'.

200 motoko.thetransmission.net poppassd v4.0.3 hello, who are you?

user test

200 your password please.

pass moof00f

200 your new password please.

newpass b0rkb0rk

500 Unable to change password

Connection closed by foreign host.

i found out that it's because kerberos wants the first layer of authentication when validating a user. poppassd only runs /usr/bin/passwd, which will trigger kerberos's attempt to authenticate the user.

since you're using execl to run the passwd command, it allows additional arguments to be passed when executing a binary. so i added the '-l' - the localized switch. this directly modifies the local password db, and bypasses the kerberos db. plopping that in poppaswd.c here:

execl ( pwd_binary, "passwd", "-l", NULL );

and recompilling poppasswd seems to fix the autnetication failures:

-bash-2.05b$ telnet motoko 106

Trying 10.0.1.5...

Connected to motoko.xmsn.net.

Escape character is '^]'.

200 motoko.thetransmission.net poppassd v4.0.3 hello, who are you?

user test

200 your password please.

pass moof00f

200 your new password please.

newpass b0rkb0rk

200 Password changed, thank-you.

i have no idea how many other people have experienced this problem. or fixed it on their own. but i figure i should post this somewhere relevant cause it was pretty annoying at the time (o;

Screenshot

Project Spotlight

ReciJournal

An open, cross-platform journaling program.

Screenshot

Project Spotlight

Veusz

A scientific plotting package.