On Thu, Oct 18, 2001 at 02:47:50PM -0400, Michael J. Lanham wrote:
> I am in the midst of following the add users' section of the manual
> and cannot seem to set passwds...
> 
> [root_at_server db]# au -h scm nu
> Your Vice name: coda
> Your password: 
> RPC2_Bind() --> RPC2_NOBINDING (F)
> [root_at_server db]# 
>  
> coda is the userid (uid = 503) that I created on my local machine and
> in /etc/passwd who is the administrator of coda.  pdbtool shows coda
> as a user.  but when I type the passwd that exists in /etc/passwd, I

We don't use the passwords from /etc/passwd for two reasons. First of
all, Coda uses a shared secret based authentication scheme, so the auth2
daemon likes to know your plaintext password. We could let the 'shared'
secret be the crypted & salted version of the password, but you would
then need to use shadow passwords as everyone can read this secret then
from /etc/password.

The second reason is that Coda doesn't employ strong encryption as is,
but merely obfusticates things using a simple XOR encoding. By grabbing
a couple of clog-auth2 authentications, it really isn't that hard to
find the password.

> get no joy from auth2...so how do I set the passwd for the coda admin
> since I never have set it in the first place?  cpasswd doesn't help
> since I do not know what password set for user coda in the first
> place....

Right after giving the name of the Coda administrator a message was
displayed that the admin password was set to "changeme".

Jan