sshd can't change expired password on Sol8 with Openssh3.0p1 + PAM
Ed Phillips
ed at UDel.Edu
Fri Nov 9 06:36:54 EST 2001
Better Idea Alert!
Try patch 111659-02 and you don't have to wait for 3 hours (right now)
while the Recommended Patch Set installs.
Chances are, if there is a problem with pam_unix, this patch fixes it.
The buglist for this patch includes the following:
4112707 Password expiration (passwd -f) doesn't work correctly
Also, if "passwd -f" is really the culprit (puts something in /etc/shadow
that pam_unix.so doesn't like), you can try editing /etc/shadow by hand
and make the entry look like:
user:<encpw>:1:1:1::::
Hope this is helps...
Ed
On Thu, 8 Nov 2001, Ed Phillips wrote:
> Date: Thu, 8 Nov 2001 14:26:54 -0500 (EST)
> From: Ed Phillips <ed at udel.edu>
> To: "Dost, Alexander" <Alexander.Dost at drkw.com>
> Cc: openssh-unix-dev at udel.edu
> Subject: RE: sshd can't change expired password on Sol8 with Openssh3.0p1
> + PAM
>
> The reason I ask about the patches is because I think the problem you're
> seeing might actually be a bug in pam_unix.so.1 - it's something to try at
> least. We don't use password aging and we don't use the "passwd" command
> to change passwords, so we haven't run into this at our site even though
> we probably don't have pam_unix.so patched up. Also, the passwd command
> doesn't even work if you have something besides "files", "nis" or "nis+"
> in the passwd line of /etc/nsswitch.conf (which we do).
>
> Ed
>
> Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082
> Systems Programmer III, Network and Systems Services
> finger -l ed at polycut.nss.udel.edu for PGP public key
>
>
Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082
Systems Programmer III, Network and Systems Services
finger -l ed at polycut.nss.udel.edu for PGP public key
More information about the openssh-unix-dev
mailing list