SSH Bug 3.5p1 Expired Passwords

Frank Beckmann Frank.Beckmann at vodafone.com
Thu Feb 20 19:48:00 EST 2003


Hi :-)

is this Problem Fix in a new Snapshot Version of Openssh ?
The Fix has only run under Protokoll 1 not under Protokoll 2 :-(

Greetings from Germany

Frank Beckmann

Darren Tucker wrote:

> Frank Beckmann wrote:
> 
>>in the new Openssh 3.5p1 is the sam Bug as in the 3.4p1 :-(
>>When a User try to login with a expired Passwort, SSH denys the Acces to the System
> 
> 
> In pam-auth.c, change
> 
> #if 0
>                 case PAM_NEW_AUTHTOK_REQD:
> 
> to
> 
> #if 1
>                 case PAM_NEW_AUTHTOK_REQD:
> 
> and set "UsePrivilegeSeparation no" in sshd_config.
> 
> People have reported mixed success, so your milage may vary.
> 
> Let the list know how it goes; one of the reasons this isn't enabled in
> 3.5p1 is lack of testing.
> 


-- 
Frank	Beckmann
Abt. 	TOIU
Tel: 	0211 533-5758
Fax:	0211 533-1451
Mail	Frank.Beckmann at vodafone.com




More information about the openssh-unix-dev mailing list