[PATCH]: Call pam_chauthtok from keyboard-interactive.
Darren Tucker
dtucker at zip.com.au
Tue Oct 14 13:02:06 EST 2003
Darren J Moffat wrote:
>
> On Mon, 13 Oct 2003, Darren Tucker wrote:
>
> > Hi All.
> > This patch calls pam_chauthtok() to change an expired password via PAM
> > during keyboard-interactive authentication (SSHv2 only). It is tested on
> > Redhat 8 and Solaris 8.
>
> Which release of Solaris 8 and what additional patches do you have installed ?
2/02 with the recommended patch cluster from 5 Aug 2003.
> What does your pam.conf file look like ? If it has pam_unix.so entries then
> it is an older Solaris 8 if it has entries that look like pam_unix_auth.so
> and pam_authtokstore.so then it is a newer Solaris 8.
$ grep other /etc/pam.conf
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth required pam_unix_auth.so.1
other account requisite pam_roles.so.1
other account required pam_projects.so.1
other account required pam_unix_account.so.1
other session required pam_unix_session.so.1
other password required pam_dhkeys.so.1
other password requisite pam_authtok_get.so.1
other password requisite pam_authtok_check.so.1
other password required pam_authtok_store.so.1
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list