Hi again folks,
The new passexpire21 patch works well (ta Darren) but...
1) is it possible to display the "your password has expired and needs
changing"
to the users *before* calling the password change routine?
ie ssh shows...
$: ssh 193.62.122.26
ade45 at 193.62.122.26's password:
Changing password for "ade45"
ade45's Old password:
ade45's New password:
Re-enter ade45's new password:
3004-609 Your password has expired. Please choose a new password.Last
unsuccessful login: Tue 1 Jul 09:21:49 2003 on /dev/dtlogin/_0
Last login: Tue 1 Jul 14:34:01 2003 on ssh from l1f01
whereas rlogin (yes I know.... it's a development box) shows
$: rlogin !$
rlogin 193.62.122.26
ade45's Password:
3004-609 Your password has expired.
Please choose a new password.
ade45's New password:
2) when a password is *due* to expire soon (ie within the pwdwarntime range)
the message could do with a carriage return...
ade45 at 193.62.122.26's password:
3004-328 Your password will expire: Tue 15 Jul 14:30:40 2003Last
unsuccessful login: Tue 1 Jul 09:21:49 2003 on /dev/dtlogin/_0
Last login: Tue 1 Jul 14:30:31 2003 on ssh from l1f01
I'm pretty sure this is just a case of re-arranging some stuff* in the patch
code,
but not sure where...
Many thanks,
Andrew
*technical term for blood, sweat n tears
"Elwell, AD (Andrew)" wrote:> The new passexpire21 patch works well (ta Darren) but... > > 1) is it possible to display the "your password has expired and needs > changing" > to the users *before* calling the password change routine?It used to, last time I tried it on AIX. What configure options are you using if any? There are actually 2 sets of messages: the "expire message" and the "login message". The former is supposed to hold "Your password will expire/has expired" messages, the latter "Last login was.." type messages. The expire messages are supposed to be displayed before the change (see session.c:764).> 2) when a password is *due* to expire soon (ie within the pwdwarntime range) > > the message could do with a carriage return...That one should be easy. ISTR that AIX's expiry messages had their own newlines, maybe that varies with the version? What version of AIX are we talking about? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Yep, seems to have done the trick, Many thanks Andrew
"Elwell, AD (Andrew)" wrote:> Yep, > > seems to have done the trick,The patch was (rightly) bounced by mindrot as being too big. If anyone else wants it: http://www.zip.com.au/~dtucker/openssh/openssh-3.6.1p2-passexpire22.patch -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Possibly Parallel Threads
- openssh-3.6.1p2-passexpire20.patch prevents /etc/nologin display on AIX
- X11 problems on AIX (OpenSSH_3.7.1p2-pwexp24)
- openssh-3.6.1p2-passexpire20.patch prevents /etc/nologin disp lay on AIX
- Compiling 3.8p1 on AIX with IBM OpenSSL RPMs
- Help with function writing