Expired password handling in openssh-2.5.1p1/2

Dan Kaminsky dankamin at cisco.com
Fri Mar 2 04:24:21 EST 2001

> Are there plans, or does someone have a fix, for having openssh force
> users to change passwords when they're expired?
> Right now the program closes the connection....the commercial ssh
> manages to exec /bin/passwd after they enter their current password.
> Any ideas?

Hmm, does PAM send back a special message when the password needs to be

I could envision changing the user shell to /bin/passwd if PAM complains...


More information about the openssh-unix-dev mailing list