Expired password handling in openssh-2.5.1p1/2

Dan Kaminsky dankamin at cisco.com
Fri Mar 2 04:24:21 EST 2001


> Are there plans, or does someone have a fix, for having openssh force
> users to change passwords when they're expired?
>
> Right now the program closes the connection....the commercial ssh
> manages to exec /bin/passwd after they enter their current password.
>
> Any ideas?

Hmm, does PAM send back a special message when the password needs to be
changed?

I could envision changing the user shell to /bin/passwd if PAM complains...

--Dan







More information about the openssh-unix-dev mailing list