Bug Report
Darren Tucker
dtucker at zip.com.au
Fri Dec 3 11:59:32 EST 2004
Kantor, Harry S CIV NAVSURFWARCEN CSS, 376 / 110E wrote:
> I am running OpenSSH_3.7.1p2 on an HPUX 10.10 operating system.
Wow, I haven't seen that HP-UX version in a long time.
> I recently converted my OS to a trusted system, which, among other things,
> shadows passwords in the /etc/passwd file. In order to shadow the user
> passwords, a '*' character is used. Unfortunately, the documentation for
> sshd states that, for HP operating systems, a '*' character in the
> /etc/passwd file is a sign that the user's account is locked out of ssh
> logins.
To work around the problem, comment out the LOCKED_PASSWD_STRING line in
config.h after running configure but before running make.
I think newer versions of OpenSSH will work OK: we changed sshd so it
would always use the shadow functions on HP-UX if they're available, and
getspnam() should return the correct password from /tcb/* rather than
/etc/passwd, and thus won't have this problem.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list