|
|
|
|
|
|
If you have lost or forgotten your LDAP password (and by extension, your machine login password) you can have it reset by sending a PGP signed message to the mail gateway:
echo "Please change my Debian password" | gpg --clearsign | mail chpasswd@db.oftc.net or echo "Please change my Debian password" | pgp -fast | mail chpasswd@db.oftc.netThe daemon will then respond with a new randomized password encrypted with your key. You can then use the SSL Web pages to change your password to something you can remember. You cannot set a new password via the mail gateway.
Alternatively, you can do without a password and use PGP to manipulate your LDAP information through the mail gateway and use SSH RSA Authentication to access the servers. To setup OpenSSH for RSA you need to first generate a private RSA key using ssh-keygen and select a good passphrase for it. Then send the public portion of the key to the LDAP directory:
gpg --clearsign < ~/.ssh/id_dsa.pub | mail change@db.oftc.net
NB: Only version 2 RSA keys are accepted. Version 1 RSA keys (i.e. identity.pub files) will not work.
You can then use this key to authenticate to the machines. Using ssh-agent (automatically run by Debian's X configuration) you can use ssh-add to 'cache' your passphrase once.
Last Modified: Thu, Nov 18 15:40:29 UTC 2004
Copyright © 1997-2004
SPI; See license terms
Debian is a registered trademark of Software in the Public Interest, Inc.