jik@athena.mit.edu (Jonathan I. Kamens) (04/28/89)
In article <10896@bloom-beacon.MIT.EDU> orionel@athena.mit.edu writes: >I have a small problem. I just finished reading a unix book in which >certain instructions were given to create a new password for a user in >case they forgot their old one. Apparently the unix book didn't explain the "man" command to you. The Athena passwd command is not the same as the BSD Unix passwd command; it modifies kerberos passwords. not Unix passwords. "passwd.real" is the program on Athena which modifies local workstation passwords as described in standard Unix documentation. >Of course only a super user can execute these instructions (which I am) Well, gee, you managed to find out the highly guarded super-user password of the workstations at Project Athena. Our workstation root password, for those of you who are curious, is 'mrroot.' It is publicly available -- consultants give it out constantly so users can fix minor problems on their workstations. It's possible for us to do this because root on our workstations isn't trusted anywhere except on the workstation -- kerberos is used for all network authentication. Further, the worst thing a user with root on a workstation can do is screw it up enough that the software needs to be reloaded -- that takes about twenty minutes for an operations staffperson. That problem will soon be eliminated as well, when we move to a read-only root; but that's another issue. ># passwd roxanne >New password: stoopid >Retype new password: stoopid ># Gee, looks like you're trying to change someone else's password. That's a no-no. Unless, of course, you have her permission.... >Thats the way its supposto work. To change user roxanne password >instead I get > ># passwd roxanne >Usage: passwd [-name name] [-inst inst] Precisely for the reason described above -- the syntax is different so that you don't confuse it with standard Unix passwd. Furthermore, the theory is that if you are an advanced enough user on Athena to be changing someone else's password, you'll understand, or at least how to use "man" or "olc" (On-Line Consulting, our consulting system). Apparently, the theory is wrong. >What is wrong??? > >orionel@athena.mit.edu You're confused. If someone forgets their password at Athena, they need to talk to the accounts administrator to get it changed to something new. We don't give random users the access to change other people's Kerberos passwords. Try using olc, or perhaps try reading some Athena documentation, rather than posting questions to comp.unix.wizards with which no one outside of Athena is going to be able to help you. Jonathan Kamens USnail: MIT Project Athena 410 Memorial Drive, No. 223F jik@Athena.MIT.EDU Cambridge, MA 02139-4318 Office: 617-253-4261 Home: 617-225-8218 P.S. Athena is anything but a normal Unix timesharing system. If you have questions about Athena, try finding them out inside Athena first.