good news for solaris8 &3.4p1
Philip Brown
phil at bolthole.com
Tue Oct 8 06:22:30 EST 2002
Thanks go to Darren Tucker who posted about "#if 0" on auth-pam.c
I saw his email in the archive, about solaris 7.
I removed the "#if 0", and finally, password expiration works.
A caviat or two:
If UseLogin=no (the default) , if a user fails to use the
correct password for a "change on first login" account, you get the
following message:
sshd(SYSTEM): Sorry, wrong passwd
removing root credentials would break the rpc services that
use secure rpc on this host!
root may use keylogout -f to do this (at your own risk)!
On the other hand, if UseLogin=yes
telnet(SYSTEM): Sorry, wrong passwd
Connection to srvwfs01 closed.
I'm not exactly sure which is the preferred one to use here :-)
Any recommendations?
BTW: This was with making zero changes to the Solaris 8 /etc/pam.conf
More information about the openssh-unix-dev
mailing list