If you're changing your FileVault-enabled password, change it only from the Accounts preference pane.
If you’re using FileVault and you need to change the password, be sure to change it from the Accounts preference pane as that will update the keychain as well. This may seem obvious, but I ran into a problem where somebody had changed the password to a server’s FileVault-equipped admin account by some other means (probably Workgroup Manager.) The result is that I could not log into that account from the login screen. It’d take the password (since NetInfo said it was right), and then hang since the password to unlock the the FileVault sparseimage was different. The only way to get back to the login screen was to look up the loginwindow console process then kill it via SSH. I wound up having to create a new admin account and blow away the old account since nobody could think of what password the sparseimage might be using.
[public service message]
Don’t let this happen to you; always change your FileVault-equipped account from the Accounts preference pane!
[/public service message]
Somebody recently asked me if I knew a way to change a OS X Server password from a Linux box. I said that I had a way to change them via a webpage, but I didn’t know of another way. I thought about that some more, and decided to double-check that. The good news is that you can, and in a really simple way. This way of changing makes the following assumptions:
1. Your password is not set on the server to be changed before the next login (i.e. you haven’t been sent a temp password whose sole use is to act as a means to change to a new password. That’s the main reason I set up a web-based password change page, as it does allow for this situation.)
2. You’re connected to the server via SSH.
If your user has both of those assumptions covered, here’s how you change your account’s password.
1. Log into the server via SSH.
2. Type “passwd (account shortname)” For instance, in the case of a user whose shortname is test, it would be “passwd test”
3. It’ll ask you for your old password, then ask you to enter a new password and verify it. The password rules that govern this are the same ones you have set on your server.
What you should see in your terminal program:
My-Box:~ rtrouton$ ssh test@servername
servername:~ test$ passwd test
Changing password for test.
Retype new password:
Log out, and try logging back in. It should now require the new password to log in, and that will now apply to all the services available to that account on that server. I tested this on an XServe running Server 10.3.9, and it should work on Server 10.4.x as well.
One additional item to note: changing your password from the command-line will not update your Keychain with the new password. If you sometimes access this box remotely via SSH and other times from the main login screen, you’re better off changing it through System Preferences: Accounts. That goes double if you’re using FileVault to secure your account on the server.
In a fit of geek this afternoon, I decided to post online the portion of our book and video library that I’ve scanned into Delicious Library. So, for those of you who like to poke around people’s libraries to see what kind of picture you can make of how their minds work, I invite you to poke around mine. If you’re a friend or family member, and you notice something you’d like to borrow, shoot me an email and we’ll talk.