[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: telnet vs. sshd pam.d files

From: Paul Nicholas Faure <paul engsoc carleton ca>
To: pam-list redhat com
Subject: Re: telnet vs. sshd pam.d files
Date: Sun, 10 Sep 2000 23:22:36 -0400 (EDT)

On Sun, 10 Sep 2000, Ethan Benson wrote:

> On Sun, Sep 10, 2000 at 03:57:37PM -0400, Paul Nicholas Faure wrote:
> > > telnet just spawns /bin/login so it uses /etc/pam.d/login
> > > 
> > > ssh is just broken in regards to handling expiration correctly
> > > (OpenSSH 1.2.3 will just deny access when a password is expired, when
> > > it should force the user to change it)
> > > 
> > > annoying.  (i don't know how to fix it unforunatly)
> > 
> > I have openssh-2.1.1p4-1, and it allows access if the pssword expired, but
> > give a nice little warning "Your password has expired, please change it.".
> 
> hmm that must be fixed in openssh 2 (notice above i mention openssh
> 1.2.3) 

Just upgraded to the latest and greatest (openssh-2.2.0p1-2), and the
error is still there...

> > Does regular SSH have this same problem ?
> 
> you mean ssh-nonfree?  i have no idea i have not used that since
> openssh came along.

Yea, ssh-nonfree. I could use it, because it is now free to Universities.

> does openssh2 force the user to change the password or just nag them?
> it really needs to force the issue like login does to be effective.  

OpenSSH2 nags the users. No force.

-- 
Paul Faure					paul@paulfaure.com
Carleton University Systems Engineer 3rd Year	paul@porkchop.org
Engsoc Admin/BOG Technical Director		paul@engsoc.org

Follow-Ups:
- Re: telnet vs. sshd pam.d files
  - From: "Michael A. Dietz" <mad099@dietznet.net>

References:
- Re: telnet vs. sshd pam.d files
  - From: Ethan Benson <erbenson@alaska.net>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []