I have a question regarding userid password expiration and OpenSSH. When using telnet to a solaris server with an expired userid, the telnet session allows the user to enter a new password, but the user ssh instead the password expiration is ignored and it let the user logon. How can I make ssh recognize that the password has expired ?. I Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
> -----Original Message----- > From: Wiese, Maria > Sent: Monday, April 01, 2002 9:52 AM > To: 'openssh-unix-dev at mindrot.org' > Subject: OpenSSH password expiration in Solaris > > I have a question regarding userid password expiration and OpenSSH. When > using telnet to a solaris server with an expired userid, the > telnet session allows the user to enter a new password, but the user ssh > instead the password expiration is ignored and it let the user > logon. > How can I make ssh recognize that the password has expired ?. > Forgot to mention, I am running OpenSSH V31p1 with sshv1 disable, so the > paramwter ForcePasswdChange does not work. >Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
On Mon, 1 Apr 2002, Wiese, Maria wrote: :I have a question regarding userid password expiration and OpenSSH. When :using telnet to a solaris server with an expired userid, the :telnet session allows the user to enter a new password, but the user ssh :instead the password expiration is ignored and it let the user :logon. :How can I make ssh recognize that the password has expired ?. I I plan to integrate this patch for 3.2: http://bugzilla.mindrot.org/show_bug.cgi?id=14 Another option would be to use PAM (preferable in general I think) but it's not working in some cases now on solaris: http://bugzilla.mindrot.org/show_bug.cgi?id=129