POPPASSD(8) BSD System Manager's Manual POPPASSD(8)NAME
poppassd - POP password protocol daemon
SYNOPSIS
/usr/libexec/poppassd [-r attribute] [-t wait] [-w wait]
DESCRIPTION
The poppassd command is a server which supports the non-standard POPPASSD
password changing protocol as implemented in Eudora, NUPOP and other POP
clients. Poppassd is normally invoked by the internet server (see
inetd(8)) for requests to connect to the POPPASSD port as indicated by
the /etc/services file (see services(5)).
Poppassd gathers user and password information via the POPPASSD protocol
and attempts to change the specified user's password by invoking the
passwd(8) command.
-r attribute
Requires that poppassd may only change passwords for users whose
login class contains the specified attribute (see login.conf(5)).
By default, poppassd poppassd may be used to change any user's
password.
-t wait
Specifies the timeout (in seconds) for terminating a session with
the POPPASSD client. Poppassd times out after the specified number
of seconds when waiting for a command to arrive from the client.
The default is 60 seconds.
-w wait
Specifies the timeout (in seconds) for terminating a session with
the passwd(8) command. Poppassd times out after the specified num-
ber of seconds when waiting for a response from the passwd(8) pro-
gram. The default is 60 seconds.
DIAGNOSTICS
The poppassd program logs successful attempts, protocol, and system er-
rors via syslog(2) in the LOG_AUTHPRIV class. The host name (or Internet
address) and port of the host initiating the connection as well as the
target user (if available) is included in all log messages.
SEE ALSOchpass(1), setusercontext(3), login.conf(5), passwd(5),
syslog.conf(5), inetd(8), login(8), tcpd(8), vipw(8)BUGS
The poppassd command is very insecure as it sends the user's old and new
passwords over the network UN encrypted. Avoid enabling it if at all
possible, restrict its use to POP users via login.conf(5), or restrict
the hosts that can access the POPPASSD port via tcpd(8).
BSDI BSD/OS February 20, 1996 1