Q: 2.5.2p2, RSA auth and expired passwords
John Hardin
johnh at aproposretail.com
Thu Sep 13 07:38:49 EST 2001
Nicolas Williams wrote:
>
> If you were using Kerberos V password validation, how could you check
> if the user's password is expired without having access to the user's
> password? If the user requires pre-authentication, then you can't.
>
> On Wed, Sep 12, 2001 at 02:08:38PM -0700, John Hardin wrote:
> > Quick question:
> >
> > ssh client and server 2.5.2p2, RSA authentication. Should the user be
> > prompted to change their password if it's expired?
That's just it, we're using only plain-vanilla RSA1 authentication.
Should it even be checking to see whether the password has expired?
I wouldn't expect it to. I was very surprised when an ssh user with RSA
auth came to me with a "your password has expired" notice on the screen.
--
John Hardin <johnh at aproposretail.com>
Internal Systems Administrator voice: (425) 672-1304
Apropos Retail Management Systems, Inc. fax: (425) 672-0192
More information about the openssh-unix-dev
mailing list