fs_passwd
You may use fs_passwd/fs_passwd as a "passwd", "chfn" and "chsh" replacement on your shell machine(s) to cause password, gecos and shell changes to update your freeside machine. This can pose a security risk if not configured correctly. Do not use this feature unless you understand what you are doing!
Currently it is assumed that the the crypt(3) function in the C library is the same on the Freeside machine as on the target machine.
- Create a freeside account on the shell machine(s).
- Append the identity.pub from the freeside user on your freeside machine to the authorized_keys file of the newly created freeside user on the shell machine(s).
- Copy fs_passwd/fs_passwd to /usr/local/bin on the shell machine(s). (chown freeside, chmod 4755). You may link it to passwd, chfn and chsh as well.
- Copy fs_passwd/fs_passwdd to /usr/local/sbin on the shell machine(s). (chown freeside, chmod 500)
- Create /usr/local/freeside on the shell machine(s). (chown freeside, chmod 700)
- Run an iteration of "fs_passwd/fs_passwd_server user shell.machine" as the freeside user for each shell machine (this is a daemon process). user refers to the freeside user from the mapsecrets configuration file.