Expired password handling in openssh-2.5.1p1/2

Kevin Taylor ktaylor at eosdata.gsfc.nasa.gov
Fri Mar 2 23:44:54 EST 2001


On Thu, 1 Mar 2001, Dan Kaminsky wrote:

>>> Are there plans, or does someone have a fix, for having openssh force
>>> users to change passwords when they're expired?
>>>
>>> Right now the program closes the connection....the commercial ssh
>>> manages to exec /bin/passwd after they enter their current password.
>>>
>>> Any ideas?
>>
>> Hmm, does PAM send back a special message when the password needs to
>> be changed?
>>
>> I could envision changing the user shell to /bin/passwd if PAM
>> complains...

>It works for PAM now, but not for non-PAM.

>-d

That's what Kevin Steves was saying. Hopefully the code he was working
on for the password interface for other systems will be implemented
soon.



-- 
---------------------------------------------------------.
Kevin Taylor                                              \
Systems Administrator - DAAC, Code 902, Bldg 32, Rm N126A /
Science Systems and Applications, Inc.                    \
Goddard Space Flight Center                               /
Greenbelt, MD 20771                                       \
                                                          /
Phone:  (301) 614-5505                                    \
e-mail: ktaylor at daac.gsfc.nasa.gov                        /
----------------------------------------------------------'





More information about the openssh-unix-dev mailing list