[Bug 2049] Request for a configurable option for SFTP to display login information to the user after a successful login.
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Nov 19 18:52:55 AEDT 2020
https://bugzilla.mindrot.org/show_bug.cgi?id=2049
--- Comment #10 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Michael Watters from comment #9)
> [root at f33 test_keys]# ssh -i id_rsa user1 at localhost hostname 2>&1
> Warning: your password will expire in 32766 days.
That sounds like one of the PAM stacks is returning that message, but
previously not in a way sshd would send to the client. You can check
this with my pam-test-harness tool:
$ wget https://www.dtucker.net/patches/pam-test-harness.c
$ cc -o pam-test-harness pam-test-harness.c -lpam
$ sudo ./pam-test-harness -s sshd -u $LOGNAME
which will give output something like:
$Id: pam-test-harness.c,v 1.35 2020/11/19 07:36:45 dtucker Exp $
conversation struct {conv=0x4017cd, appdata_ptr=0x405210}
pam_start(sshd, dtucker, &conv, &pamh) = 0 (Success)
pam_get_item(pamh, PAM_SERVICE, ...) = 0 (Success)
PAM_SERVICE = sshd (unchanged)
pam_set_item(pamh, PAM_TTY, "/dev/pts/6") = 0 (Success)
pam_set_item(pamh, PAM_RHOST, "[...]) = 0 (Success)
getlogin returned NULL (No such device or address) , skipping PAM_RUSER
pam_authenticate(pamh, 0x0)
conversation called with 1 messages data 0x405210
PROMPT_ECHO_OFF: Password: = 0 (Success)
pam_acct_mgmt(pamh, 0x0) = 0 (Success)
pam_open_session(pamh, 0x0) = 0 (Success)
pam_setcred(pamh, 0x0) = 0 (Success)
pam_get_item(pamh, PAM_SERVICE, ...) = 0 (Success)
PAM_SERVICE = sshd (unchanged)
pam_get_item(pamh, PAM_USER, ...) = 0 (Success)
PAM_USER = dtucker (unchanged)
pam_get_item(pamh, PAM_TTY, ...) = 0 (Success)
PAM_TTY = /dev/pts/6 (unchanged)
Standard environment variables:
PAM environment variables:
[...]
uid 0 euid 0 gid 0 egid 0
pam_close_session(pamh, 0) = 0 (Success)
pam_end(pamh, 0) = 0 (Success)
Does that also output the expiry warning and if so, after which pam
call?
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list