<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2653.12">
<TITLE>RE: Call for testing for 3.5 OpenSSH</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>And our management considers it impractical to lock our users out when they could normally change their passwords and go on with life. Our access control people are too slow to help them on a useful basis.</FONT></P>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Markus Friedl [<A HREF="mailto:markus@openbsd.org">mailto:markus@openbsd.org</A>]</FONT>
<BR><FONT SIZE=2>Sent: Thursday, September 26, 2002 3:10 PM</FONT>
<BR><FONT SIZE=2>To: Lacoss-Arnold, Jason</FONT>
<BR><FONT SIZE=2>Cc: Portable OpenSSH</FONT>
<BR><FONT SIZE=2>Subject: Re: Call for testing for 3.5 OpenSSH</FONT>
</P>
<BR>
<P><FONT SIZE=2>On Thu, Sep 26, 2002 at 09:53:11AM -0500, Lacoss-Arnold, Jason wrote:</FONT>
<BR><FONT SIZE=2>> It's an organizational value, not a personal one. It's much harder to get</FONT>
<BR><FONT SIZE=2>> an exception from way on high to turn off password aging on 500 unix servers</FONT>
<BR><FONT SIZE=2>> than it is to just turn off privsep.</FONT>
</P>
<P><FONT SIZE=2>password aging should work. you just cannot login or change</FONT>
<BR><FONT SIZE=2>your expired password.</FONT>
</P>
<CODE><FONT SIZE=3><BR>
<BR>
***********************************************************************************<BR>
WARNING: All e-mail sent to and from this address will be received or<BR>
otherwise recorded by the A.G. Edwards corporate e-mail system and is<BR>
subject to archival, monitoring or review by, and/or disclosure to,<BR>
someone other than the recipient.<BR>
************************************************************************************<BR>
</FONT></CODE></BODY>
</HTML>