[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: telnet vs. sshd pam.d files



On Sun, Sep 10, 2000 at 03:57:37PM -0400, Paul Nicholas Faure wrote:
> > telnet just spawns /bin/login so it uses /etc/pam.d/login
> > 
> > ssh is just broken in regards to handling expiration correctly
> > (OpenSSH 1.2.3 will just deny access when a password is expired, when
> > it should force the user to change it)
> > 
> > annoying.  (i don't know how to fix it unforunatly)
> 
> I have openssh-2.1.1p4-1, and it allows access if the pssword expired, but
> give a nice little warning "Your password has expired, please change it.".

hmm that must be fixed in openssh 2 (notice above i mention openssh
1.2.3) 

> Does regular SSH have this same problem ?

you mean ssh-nonfree?  i have no idea i have not used that since
openssh came along.  

does openssh2 force the user to change the password or just nag them?
it really needs to force the issue like login does to be effective.  

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgp00001.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []