3.8p1 password expiry, Solaris 8

Darren Tucker dtucker at zip.com.au
Fri Mar 19 10:15:35 EST 2004


Kevin Mack wrote:
> I can't seem to get the /etc/shadow password expiry working on
> 3.8p1 on Solaris 8. It works fine with 3.7.1p2 and pwexp26.
> Logins aren't affected after a 'passwd -df' or 'passwd -f'.
[...]
> 'ssh -V':
> OpenSSH_3.8.p1-pwexp26, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003

I never released a pwexp patch for 3.8p1, where did you get that?

> debug2: we sent a publickey packet, wait for reply
> debug1: Server accepts key: pkalg ssh-dss blen 434

The password expiry code in 3.8p1 is only checked for password or 
keyboard-interactive authentications.  It does not get checked for 
public-key (or hostbased) logins.

I posted a more details explanation of the differences a while back:
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=107650523726292

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.




More information about the openssh-unix-dev mailing list