Why not authenticate via LDAP or some other directory server, then let the user manage their LDAP account via a web interface?<br><br>You can also manage web user accounts with a simple database -- that is what most CMS systems do (Wordpress, Drupal, etc.). But LDAP is more robust.<br>
<br>Using system accounts to manage web users sounds like making things more difficult than they need to be. If you want to provide a web front-end to your server, why not use a web-friendly account management tool like LDAP?<br>
<br>Curts<br><br><div class="gmail_quote">On Mon, Apr 12, 2010 at 10:57 PM, Andrew Berg <span dir="ltr"><<a href="mailto:bahamutzero8825@gmail.com">bahamutzero8825@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I need a simple web interface to let users change their passwords. I<br>
don't want them to have shell access since they wouldn't know how to use<br>
it (and it limits what an attacker can do if the account is<br>
compromised). Usermin doesn't always work right, and it seems to screw<br>
up passwords, making it impossible for users to log in via FTP (and<br>
probably other services like HTTP). I want it to be a simple interface<br>
to passwd (Usermin uses MD5 hashes for some reason and passwd uses<br>
SHA-512). I have Apache already set up (and users are authenticated<br>
using their system account credentials; no anonymous users are allowed),<br>
so it doesn't need its own webserver capabilities.<br>
<br>
_______________________________________________<br>
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota<br>
<a href="mailto:tclug-list@mn-linux.org">tclug-list@mn-linux.org</a><br>
<a href="http://mailman.mn-linux.org/mailman/listinfo/tclug-list" target="_blank">http://mailman.mn-linux.org/mailman/listinfo/tclug-list</a><br>
</blockquote></div><br>