Hi, I get problem of OpenSSH v3.7.1p2 authentication only on AIX that using NIS. Following is the debug message even before I enter my password: Apr 22 11:18:54 db309a sshd[413700]: Connection from 172.16.59.210 port 44654 Apr 22 11:18:54 db309a sshd[413700]: User spowell password expired too long Apr 22 11:18:54 db309a sshd[413700]: Failed none for illegal user spowell from 172.16.59.210 port 44654 ssh2 The password expiry problem on AIX appears to be related to sshd's method of checking password expiry and other such details on AIX. At the moment it appears to be just blindly checking /etc/security/passwd for the user (regardless of whether they're NIS or Local users) and will quitely fail if the user is not there. I validated this was the case by adding a nis user's details with a recent 'lastupdate' value for the password and verified that the user was able to login successfully. Is there anyone can advise a workaround on this? Thanks _________________________________________________________ ??????????... ???? ???? http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/
lambert lau wrote:> I get problem of OpenSSH v3.7.1p2 authentication only > on AIX that using NIS. Following is the debug message > even before I enter my password: > > Apr 22 11:18:54 db309a sshd[413700]: Connection from > 172.16.59.210 port 44654 > Apr 22 11:18:54 db309a sshd[413700]: User spowell > password expired too longVanilla OpenSSH does not produce that message, but my password expiry patch does. You should always mention any patches you're using in addition to the base code. [...]> Is there anyone can advise a workaround on this?Use OpenSSH 3.8.1p1. It has expiry support and it does not have (or need) the "expired too long" check. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.