Does OpenSSH support PAM fully ? OpenSSH does not prompt the user for a new password if it has expired. It simply says "Warning: You password has expired, please change it now". My /etc/pam.d/sshd file is: auth required /lib/security/pam_securetty.so auth required /lib/security/pam_unix.so shadow nullok auth required /lib/security/pam_nologin.so account required /lib/security/pam_unix.so password required /lib/security/pam_cracklib.so retry=3 password required /lib/security/pam_unix.so shadow nullok use_authtok nis session required /lib/security/pam_unix.so session optional /lib/security/pam_console.so My /etc/pam.d/login file is the same as /etc/pam.d/sshd. And telnet properly prompts me for a password. -- Paul Faure paul at paulfaure.com Carleton University Systems Engineer 3rd Year paul at porkchop.org Engsoc Admin/BOG Technical Director paul at engsoc.org
