password aging

Dan Yefimov dan at
Fri Nov 14 00:11:33 EST 2003

On Wed, 12 Nov 2003, Ryan Robertson wrote:

> I've compiled 3.7.1p2 on AIX 5.1 w/pam compiled in,
> but not enable in the sshd_config. Also applied
> Darrens 3.7.1p2 patch25. I am having issues w/password
> aging when maxage is set to anything >0.  i dont
> believe this function was ever working (at least not
> in 3.5p1). 
> Can anyone verify this?
Please describe your problem in details. What exactly issues are you 
experiencing? The thing is that I have problems with password aging in stock 
openssh 3.7.1p2 with pam support both compiled in and enabled. When yser whose 
password has expired tries to log in the connection is being closed immediately 
after he enters his password. System logs contain messages as follows.

Nov  5 18:48:51 pokemon sshd(pam_unix)[25216]: password - (old) token not 
Nov  5 18:48:51 pokemon sshd[25216]: fatal: PAM: pam_chauthtok(): Authentication 
token manipulation error

    Sincerely Your, Dan.

More information about the openssh-unix-dev mailing list