:man| Alphabetical   Categories   About us 
 
KPASSWDD (8) | System administration commands and daemons | Unix Manual Pages | :man

NAME

kpasswdd - Kerberos 5 password changing server

CONTENTS

Synopsis
Description
Diagnostics
Bugs
See Also

SYNOPSIS

kpasswdd [--check-library=library] [--check-function=function] [-k kspec | Xo --keytab= kspec ] [-r realm | Xo --realm= realm ] [-p string | Xo --port= string ] [--version] [--help]

DESCRIPTION

kpasswdd serves request for password changes. It listens on UDP port 464 (service kpasswd) and processes requests when they arrive. It changes the database directly and should thus only run on the master KDC.

Supported options:

--check-library= library
If your system has support for dynamic loading of shared libraries, you can use an external function to check password quality. This option specifies which library to load.
--check-function= function
This is the function to call in the loaded library. The function should look like this:

const char * passwd_check "krb5_context context" "krb5_principal principal" "krb5_data *password"

context is an initialized context; principal is the one who tries to change passwords, and password is the new password. Note that the password (in password->data) is not zero terminated.

-k kspec, --keytab= kspec
Keytab to get authentication key from
-r realm, --realm= realm
Default realm
-p string, --port= string
Port to listen on (default service kpasswd - 464).

DIAGNOSTICS

If an error occurs, the error message is returned to the user and/or logged to syslog.

BUGS

The default password quality checks are too basic.

SEE ALSO

kpasswd(1), kdc(8)

 
Created by Blin Media, 2008-2013