Call for testing for 3.6: password expiry?
hayward at slothmud.org
hayward at slothmud.org
Thu Mar 20 14:45:02 EST 2003
I would like to see the expiry patch in as well. We use OpenSSH across a
large corporation, with thousands of servers (Solaris, AIX, HP, etc) Our
policies require password expiry... What's the point of SSH if you have
to use telnet to change your password after it expires...? :-)
Thanks for the consideration,
Brian Hayward
>I have tried this patch (against 3.5p1) and would very much like it to be in the OpenSSH 3.6p1 release, if possible:
>http://bugzilla.mindrot.org/show_bug.cgi?id=14
>
>On that note, I'd like the Sun BSM patch to be included also, if possible. I have it working applied to 3.5p1:
>http://bugzilla.mindrot.org/show_bug.cgi?id=125
>
>In fact, both patches work together, apparently.
>
>If I have any issues, I'll post them here.
>
>Jeff Koenig
>
>>>> Darren Tucker <dtucker at zip.com.au> 03/07/03 12:55AM >>>
>Hi again.
>
>Ben Lindstrom wrote:
>> So if you have any patches you need to ensure your platform works speak
>> up. We are looking at a lock on the 17th.
>
>There's a couple of patches in Bugzilla that relate to my pet project:
>
>Bugzilla Bug 14: Can't change expired /etc/shadow password without PAM
>http://bugzilla.mindrot.org/attachment.cgi?id=240&action=view
>
>Bugzilla Bug 463: PrintLastLog doesn't work in privsep mode
>http://bugzilla.mindrot.org/attachment.cgi?id=235&action=view
>
>There is some overlap between the two patches and they're out of sync
>with each other.
>
>Can I please get someone to review these and let me know if they're
>suitable for inclusion in 3.6p1? The expiry patches have been pretty
>heavily tested (nearly 800 downloads of the patch). I've had about a
>dozen reports of problems, all of which have been resolved (mostly
>configuring with pam when it wasn't supported, a couple of genuine
>problems and a couple of cases of pilot error).
>
>If they are likely to go in, please let me know what you'd like done
>with them (eg, merge them into a single patch or make 2 "stacked"
>patches to be applied sequentially, and particularly what if anything
>should be done with the interaction with do_pam_chauthtok).
>
>
--
Brian Hayward
More information about the openssh-unix-dev
mailing list