--with-pam and expired passwords
Darren Tucker
dtucker at zip.com.au
Sat Jan 10 11:45:12 EST 2004
Mordechai T. Abzug wrote:
> On Sat, Jan 10, 2004 at 11:19:34AM +1100, Darren Tucker wrote:
>
>>What version are you using? The keyboard-interactive code in OpenSSH
>>-current should work (I just tested it and it seems to work). The
>>non-keyboard-interactive methods (ie chauthtok-in-session and
>>passwd-in-session methods) can't easily reset the forwarding flags
>>because they're in a different process.
>
>
> I'm using 3.7.1p2 with publickey,password,hostbased.
Well, in -current (and thus the next major release), resetting the
forwarding flags will work with keyboard-interactive. There's no easy
way (well, actually there is, but there's no easy *secure* way) to reset
the forwarding flags for anything non-kbdint authentications.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list