grace logins on solaris

Damien Miller djm at
Sat May 27 10:09:04 EST 2000

On Fri, 26 May 2000, Chip Christian wrote:

> May 26 12:39:38 sshd[8029]: PAM_NDS : Password 
> expired.
> PAM rejected by account configuration: Get new authentication token
> Faking authloop for illegal user chip from port 901
> pam_acct_mgmt is returning PAM_NEW_AUTHTOK_REQD.  Is there BSD
> licensed code out there already to deal with asking users to change
> an expired password?

In the absence of this, would allowing access (and displaying a 
suitable warning) when PAM returns PAM_NEW_AUTHTOK_REQD be acceptable?

At least the users could change their passwords themselves.


| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller -
| Email: djm at (home) -or- djm at (work)

More information about the openssh-unix-dev mailing list