sshd can't change expired password on Sol8 with Openssh3.0p1 + PAM
Scott Burch
scott.burch at camberwind.com
Fri Nov 9 07:06:16 EST 2001
Hello,
For Solaris 2.6 the patch is 106271-08 from 9/17/01. I am about to build on
2.6 and will verify that this works.
-Scott
----- Original Message -----
From: "Ed Phillips" <ed at UDel.Edu>
To: "Dost, Alexander" <Alexander.Dost at drkw.com>
Cc: "OpenSSH Development" <openssh-unix-dev at mindrot.org>
Sent: Thursday, November 08, 2001 1:36 PM
Subject: RE: sshd can't change expired password on Sol8 with Openssh3.0p1 +
PAM
> Better Idea Alert!
>
> Try patch 111659-02 and you don't have to wait for 3 hours (right now)
> while the Recommended Patch Set installs.
>
> Chances are, if there is a problem with pam_unix, this patch fixes it.
> The buglist for this patch includes the following:
>
> 4112707 Password expiration (passwd -f) doesn't work correctly
>
> Also, if "passwd -f" is really the culprit (puts something in /etc/shadow
> that pam_unix.so doesn't like), you can try editing /etc/shadow by hand
> and make the entry look like:
>
> user:<encpw>:1:1:1::::
>
> Hope this is helps...
>
> Ed
>
> On Thu, 8 Nov 2001, Ed Phillips wrote:
>
> > Date: Thu, 8 Nov 2001 14:26:54 -0500 (EST)
> > From: Ed Phillips <ed at udel.edu>
> > To: "Dost, Alexander" <Alexander.Dost at drkw.com>
> > Cc: openssh-unix-dev at udel.edu
> > Subject: RE: sshd can't change expired password on Sol8 with
Openssh3.0p1
> > + PAM
> >
> > The reason I ask about the patches is because I think the problem you're
> > seeing might actually be a bug in pam_unix.so.1 - it's something to try
at
> > least. We don't use password aging and we don't use the "passwd"
command
> > to change passwords, so we haven't run into this at our site even though
> > we probably don't have pam_unix.so patched up. Also, the passwd command
> > doesn't even work if you have something besides "files", "nis" or "nis+"
> > in the passwd line of /etc/nsswitch.conf (which we do).
> >
> > Ed
> >
> > Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082
> > Systems Programmer III, Network and Systems Services
> > finger -l ed at polycut.nss.udel.edu for PGP public key
> >
> >
>
> Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082
> Systems Programmer III, Network and Systems Services
> finger -l ed at polycut.nss.udel.edu for PGP public key
>
>
>
More information about the openssh-unix-dev
mailing list