All, We have recently updated our password aging to include setting inactivity days. We are running ossh 4.1p1 in a Solaris 8 environment. It appears that ossh isn't picking up on inactivity. Accounts that have been inactive still prompt to change passwords - if you telnet the same servers you get kicked out immediately. On the Solaris 9 servers running SUN's ssh the inactive accounts are being locked. Any ideas? --Bob Barnett
On Wed Nov 9 06:48:07 2005, Barnett, Bob wrote:> > All, > > We have recently updated our password aging to include setting inactivity days. We are running ossh 4.1p1 in a Solaris 8 environment. It appears that ossh isn't picking up on inactivity. Accounts that have been inactive still prompt to change passwords - if you telnet the same servers you get kicked out immediately. On the Solaris 9 servers running SUN's ssh the inactive accounts are being locked. Any ideas? > >As I recall, support for the inactive field in OpenSSH's password aging was deliberately excluded due to inconsistent handling of that field on various OS's. There is a comment in auth-shadow.c indicating that this is a TODO itme. -- Iain Morgan
On November 9, 2005 9:48:07 AM -0500 "Barnett, Bob" <Bob.Barnett at fishersci.com> wrote:> All, > > We have recently updated our password aging to include setting inactivity days. We are running > ossh 4.1p1 in a Solaris 8 environment. It appears that ossh isn't picking up on inactivity. > Accounts that have been inactive still prompt to change passwords - if you telnet the same > servers you get kicked out immediately. On the Solaris 9 servers running SUN's ssh the inactive > accounts are being locked. Any ideas?Try using kbdint auth instead of password. -frank