[Bug 3566] New: Password expiry warning is printed multiple times when UsePAM is set to yes
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon Apr 24 20:57:55 AEST 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=3566
Bug ID: 3566
Summary: Password expiry warning is printed multiple times when
UsePAM is set to yes
Product: Portable OpenSSH
Version: 8.8p1
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: PAM support
Assignee: unassigned-bugs at mindrot.org
Reporter: sshedi at vmware.com
Created attachment 3692
--> https://bugzilla.mindrot.org/attachment.cgi?id=3692&action=edit
Show pam messages only on failure
When UsePAM is set to yes in sshd_config and if a user password is
about to expire, it gets printed two times while doing ssh login.
Sample output:
```
root at ph4dev:~ # sshpass -p changeme ssh root at localhost
Warning: your password will expire in 2 days.
Warning: your password will expire in 2 days.
Last login: Mon Apr 24 15:47:41 2023 from 127.0.0.1
15:48:55 up 1:32, 2 users, load average: 0.00, 0.00, 0.00
root at ph4dev:~ #
```
I reproduced this with "openssh-8.8p1" and I believe this affects all
versions >= 8.4p1
Following commit is the cause of the issue.
https://github.com/openssh/openssh-portable/commit/ed6bef77f5bb5b8f9ca2914478949e29f2f0a780
This whole pam message echoing portion looks redundant because it is
already done at
https://github.com/openssh/openssh-portable/blob/master/auth-pam.c#L529
I am attaching a patch to fix this issue as well but not sure if it is
correct.
Please let me know if I need to raise a PR in github.
-
Shedi
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list