[PATCH] AIX password expiration (via passwd)
Ben Lindstrom
mouring at etoh.eviladmin.org
Thu Oct 31 13:16:36 EST 2002
On Thu, 31 Oct 2002, Darren Tucker wrote:
> Ben Lindstrom wrote:
> > Looks like what I was working on. The only thing that one may need to
> > worry about is if you are on systems like OpenBSD or PAM w/ cracklib it
> > may return comments like:
> [snip]
> > Would be nice to return that to the end user. Just not sure how
> > pratical. It is already black magic depending on /usr/bin/passwd.
>
> And once it tries to handle all of those things, timing problems and
> other system-dependant wierdness all in one change_password function,
> what are the odds of it ending up bigger, uglier and flakier than the
> sum of [aix|shadow|pam]_change_password?
Ya I know )
>
> FWIW, my preference is currently:
> 1) *_change_password via PASSWD_CHANGEREQ for proto 2, passwd in session
> for proto 1
> 2) exec passwd in session for both
> 3) passwd in pty via PASSWD_CHANGEREQ for proto 2, passwd in session for
> proto 1
>
> Apart from AIX, /etc/shadow and PAM based systems, what other password
> expiry schemes are there?
>
BSD_AUTH
Maybe SIA has it's own stuff.
MacOSX/NeXT have NetInfo which has it's own wierd way.
Cygwin on NT (won't make sense for win98).. assuming they want to
that challenge
- Ben
More information about the openssh-unix-dev
mailing list