[Bug 848] OpenSSH_3.8.1p1 - passwd -f does not work

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Apr 21 21:56:41 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=848





------- Additional Comments From kumaresh_ind at gmx.net  2004-04-21 21:56 -------
Yes. It has been mentioned that the authentication used was password 
authentication. 

In sshd_config, the configurations are:
UsePAM no
ChallengeResponseAuthentication no
PasswordAuthentication yes

A member in the passwd structure in HP-UX decides the password aging and it 
is "char pw_age". [try "man 4 passwd" on HP-UX systems for details]. This is 
applicable for /etc/passwd file only. 

ssh code properly checks for the expired passwords with shadow passwords, with 
the field "spw->sp_expire" [function "auth_shadow_acctexpired()" in auth-
shadow.c]. Thats why it works with Shadow passwords.

So, IMHO, there has to be a check for the "pw_age" member when sshd is 
configured with "UsePAM no" and if the system do not have shadow support, as 
this case use /etc/passwd file. 




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list