google / fscrypt

Go tool for managing Linux filesystem encryption
Apache License 2.0

How to recover after forgotten login password? #410

Closed ardabro closed 3 months ago

ardabro commented 3 months ago

My family user forgot the password to her encrypted home. I was wise enough to have my separate protector on her policy, so I'm able to decrypt. My questions: How can I easily change my user's password without copying data, changing the policy, etc.? Is it possible to keep the same protector, or do I need to create a new one? If I create a new one, how will PAM know which protector to use? I'm looking for a safe procedure; I don't want to shoot myself in the foot.

josephlr commented 3 months ago

You should just be able to remove the protector whose password is forgotten and unknown. Then you can add back a login protector for that user. The PAM module looks for all login protectors for a particular user, so that should be fine.
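The steps in the reply above, written out as an added example (not part of the thread and not fscrypt project code): a dry-run helper that prints the `fscrypt metadata` commands in order and refuses to plan the removal unless a different protector remains on the policy. The user name, mountpoint and IDs are constructed, `NEW_PROTECTOR_ID` is a placeholder for the ID that `create protector` reports, and resetting the login password first and destroying the old protector are assumptions.

```shell
#!/bin/sh
# Added example: prints, but never runs, the commands for swapping a forgotten
# login protector for a new one. All names and IDs here are constructed.

# valid_ref REF: true if REF looks like "<mountpoint>:<lowercase hex id>".
valid_ref() {
  case "$1" in /*:*) ;; *) return 1 ;; esac
  case "${1##*:}" in ''|*[!0-9a-f]*) return 1 ;; esac
  return 0
}

# plan_login_reset USER POLICY LOST KEEP
#   LOST = login protector whose password is forgotten
#   KEEP = protector that still unlocks POLICY (the admin's own)
plan_login_reset() {
  user=$1; policy=$2; lost=$3; keep=$4
  for ref in "$policy" "$lost" "$keep"; do
    valid_ref "$ref" || { echo "bad reference: $ref" >&2; return 2; }
  done
  # Never plan the removal unless a different, working protector remains.
  if [ "$lost" = "$keep" ]; then
    echo "KEEP must differ from LOST, or the data becomes unrecoverable" >&2
    return 3
  fi
  mnt=${lost%:*}   # filesystem that stores the login protector
  cat <<EOF
# 0. as root, set the new login password first (assumed step): passwd $user
fscrypt metadata remove-protector-from-policy --protector=$lost --policy=$policy
fscrypt metadata destroy --protector=$lost
fscrypt metadata create protector $mnt --source=pam_passphrase --user=$user
# when asked which protector unlocks the policy, choose $keep
fscrypt metadata add-protector-to-policy --protector=$mnt:NEW_PROTECTOR_ID --policy=$policy
EOF
}

# Constructed sample: the policy and both protectors live on "/".
plan_login_reset alice /:1111111111111111 /:2222222222222222 /:3333333333333333
```

The real policy and protector IDs come from `fscrypt status` on the encrypted directory.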

ardabro commented 3 months ago

Thanks. Indeed it worked.