3.8p1 password expiry, Solaris 8
Kevin Mack
kmack at sgi.sk.ca
Fri Mar 19 10:46:15 EST 2004
On Fri, Mar 19, 2004 at 10:15:35AM +1100, Darren Tucker wrote:
> Kevin Mack wrote:
> >I can't seem to get the /etc/shadow password expiry working on
> >3.8p1 on Solaris 8. It works fine with 3.7.1p2 and pwexp26.
> >Logins aren't affected after a 'passwd -df' or 'passwd -f'.
> [...]
> >'ssh -V':
> >OpenSSH_3.8.p1-pwexp26, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003
>
> I never released a pwexp patch for 3.8p1, where did you get that?
Oops, I edited version.h for some reason! Otherwise, it's a
straight 3.8p1.
> >debug2: we sent a publickey packet, wait for reply
> >debug1: Server accepts key: pkalg ssh-dss blen 434
>
> The password expiry code in 3.8p1 is only checked for password or
> keyboard-interactive authentications. It does not get checked for
> public-key (or hostbased) logins.
>
> I posted a more details explanation of the differences a while back:
> http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=107650523726292
Thanks Darren, we'll use 3.7.1p2 for now.
More information about the openssh-unix-dev
mailing list