I'm looking to move some Solaris 2.6 and 7 machines to openssh. Showstopper bug: openssh (up to 3.1p1) doesn't seem to correctly implement expired passwords. Looking back through the archive, it looks like Dave Dykstra submitted a patch for this problem relative to an older version of openssh at least as early as last August: http://msgs.securepoint.com/cgi-bin/get/openssh-unix-dev-0108/77.html The patch seems to work on one of my test machines, after some minimal finagling. Is this patch the standard solution to this problem? Thanks! - Morty
On Mon, Mar 11, 2002 at 10:04:07PM -0500, Mordechai T. Abzug wrote:> I'm looking to move some Solaris 2.6 and 7 machines to openssh. > Showstopper bug: openssh (up to 3.1p1) doesn't seem to correctly > implement expired passwords.[snip] Never mind -- ./configure --with-pam is the solution to that problem. Sorry. - Morty
Bug 14 includes a patch that is essentially Dave's patch. That worked up through 3.0.2p1. I tried it with 3.1.p1 and the patch did not apply completely. You should be able to avoid the issue for Solaris by using PAM. Use the --with-pam configure options. On Mon Mar 11 19:04:07 2002, Mordechai T. Abzug wrote:> > > I'm looking to move some Solaris 2.6 and 7 machines to openssh. > Showstopper bug: openssh (up to 3.1p1) doesn't seem to correctly > implement expired passwords. > > Looking back through the archive, it looks like Dave Dykstra submitted > a patch for this problem relative to an older version of openssh at > least as early as last August: > > http://msgs.securepoint.com/cgi-bin/get/openssh-unix-dev-0108/77.html > > The patch seems to work on one of my test machines, after some minimal > finagling. Is this patch the standard solution to this problem? > > Thanks! > > - Morty > _______________________________________________ > openssh-unix-dev at mindrot.org mailing list > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev >-- Iain Morgan NAS Desktop Support Group
On Mon, 11 Mar 2002, Mordechai T. Abzug wrote:> > I'm looking to move some Solaris 2.6 and 7 machines to openssh. > Showstopper bug: openssh (up to 3.1p1) doesn't seem to correctly > implement expired passwords.If you build with --with-pam it does. -d