Lost or Forgotten password
If you have lost or forgotten your LDAP password, you can have it reset by sending a PGP signed message to the mail gateway:
echo "Please change my Debian password" | gpg --clearsign | mail email@example.com or echo "Please change my Debian password" | pgp -fast | mail firstname.lastname@example.orgThe daemon will then respond with a new randomized password encrypted with your key. You can then use the SSL Web pages to change your password to something you can remember. You cannot set a new password via the mail gateway.
Alternatively, you can do without a password and use PGP to manipulate your LDAP information through the mail gateway and use SSH RSA Authentication to access the servers. To setup OpenSSH for RSA you need to first generate a private RSA key using ssh-keygen and select a good passphrase for it. Then send the public portion of the key to the LDAP directory:
gpg --clearsign < ~/.ssh/id_rsa.pub | mail email@example.com
NB: Only version 2 RSA keys are accepted. Version 1 RSA keys (i.e. identity.pub files) will not work.
You can then use this key to authenticate to the machines. Using ssh-agent (automatically run by Debian's X configuration) you can use ssh-add to 'cache' your passphrase once.
You can contact us at firstname.lastname@example.org.