Usability issue when forced to change password when logging in to a system
John Olsson M
john.m.olsson at ericsson.com
Tue Jan 27 22:40:30 AEDT 2015
Why don't you try? All arguments are better received with a patch.
Sure! :)
Where can I find instructions on how to setup my own build and test
environment for OpenSSH development on Ubuntu 14.04? Any official
OpenSSH design rules I should consider (apart from following the style
already used in the source code)?
The initial dialog example (that motivated me to send the initial email
to the list) comes from a system based on SLED 11 SP3.
When checking, the actual dialog presented at login is identical to what
happens when you run the passwd command in the shell to change your
password. Thus it seems like the dialog texts does not originate from
OpenSSH itself. So the "culprit" might actually be PAM...
/John
On 2015-01-26 12:33, Peter Stuge wrote:
> John Olsson M wrote:
>> What about changing the dialog like this? (The instructions matches better
> I think there's a good case to be made for OpenSSH to not provide any
> instructions at all unless it is in charge of the dialog itself.
>
> Have you checked that the current instructions are actually output by
> OpenSSH? The string seems to be in openbsd-compat/bsd-cray.c inside
> #ifdef _UNICOS
>
>
>> Login As: Foobar
>> Password:
>> Your password has expired. Retype your old password.
> I'd argue simply for "Your password has expired."
>
>> Old Password:
>> Choose a new password.
>> New Password:
>> Retype your new password
>> New Password:
>
>> Could this be implemented without the need for caching any password
> Why don't you try? All arguments are better received with a patch.
>
>
> //Peter
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list