Problems with aged passwords (Red Hat 7.x, OpenSSH 2.9.x-3.0. 2p1)

Bluth, Gunnar Gunnar.Bluth at drkw.com
Thu Dec 20 04:30:55 EST 2001 

Ooops, I missed that one, sorry.
I'll see if it helps.

Thx.

Nick

	Nick (Gunnar) Bluth
	Linux Systems Administrator
	Dresdner Kleinwort Wasserstein 
	Dresdner Bank AG 
	Global Business Services     <mailto: gunnar.bluth at DrKW.com> 
	IT Operational Integrity     Voice:  +49 69 263 57913  (97000 -
57913) 
	Jürgen-Ponto-Platz 1         Fax:    +49 69 263 16994  (97000 -
16994) 
	D-60301 Frankfurt am Main    Mobile: +49 172 8853339	 

	Linux Admin Team:     <mailto: DrKWlinux at DrKW.com> 
	Linux Support Team:  <mailto:DrKWfftlinuxsupport at DrKW.com> 




> -----Original Message-----
> From:	Nalin Dahyabhai [SMTP:nalin at redhat.com]
> Sent:	19 December 2001 18:01
> To:	Gunnar.Bluth at drkw.com
> Cc:	openssh-unix-dev at mindrot.org
> Subject:	Re: Problems with aged passwords (Red Hat 7.x, OpenSSH
> 2.9.x-3.0.2p1)
> 
> On Wed, Dec 19, 2001 at 05:46:26PM +0100, Gunnar.Bluth at drkw.com wrote:
> > We're experiencing weird problems here:
> > 
> > The Solaris guys have user-packages, so we had to do this too for the
> Linux 
> > boxes (7.0, 7.1).
> > Since some of the accounts get "easy" passwords set at install time,
> they are 
> > expired at once:
> > /usr/bin/chage -m 7 -M 84 -W 14 <user>
> > 
> > Now, at login, the user is prompted:
> > 
> > You are required to change your password immediately (root enforced)
> > Warning: Your password has expired, please change it now
> > Changing password for <user>
> > (current) UNIX password:xxxxxxxx
> > New UNIX password:xxxxxxx          (and yes, it definitly is a good one
> ;-) )
> > BAD PASSWORD: is too simple
> > New UNIX password:
> > and so on...
> 
> This is a pam_cracklib bug.  Because 7.0 and 7.1 sound like version
> numbers of RHL, I'll point you at the update for RHL 7.1 at
> http://www.redhat.com/support/errata/RHBA-2001-149.html.  The updates
> for 7.1 should work without difficulties on 7.0.
> 
> Cheers,
> 
> Nalin


If you have received this e-mail in error or wish to read our e-mail disclaimer statement and monitoring policy, please refer to
http://www.drkw.com/disc/email/ or contact the sender.

More information about the openssh-unix-dev mailing list