search for: passwdexpires

...ng EXCEPT this. Security problem is, this allows access when access should be denied. Default for expires is -1, which means a password will expire as in maxage, but the user can change his password at anytime, however once set, access should be denied. Being a simple soul, I have added a routine passwdexpires ( AIX Lib ) directly after loginrestrictions with the same code. I think this should be urgently added to the code - hope this helps. auth.c /* mpi change expiresmsg */ #ifdef WITH_AIXAUTHENTICATE char *loginmsg; char *expiresmsg; int passexpcode; #endif /* WITH_AIXAUTHEN...

http://bugzilla.mindrot.org/show_bug.cgi?id=869 Summary: Password expiration does not work for LDAP users Product: Portable OpenSSH Version: -current Platform: PPC OS/Version: AIX Status: NEW Severity: critical Priority: P2 Component: Miscellaneous AssignedTo: openssh-bugs at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=1046 Summary: AIX 5.3 Garbage on Login Product: Portable OpenSSH Version: 4.0p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: rajsingh at hotmail.com

Hi All. Attached is a patch which adds AIX native password expiry support to sshd. It will only apply to -current and is a subset of the patch I have been working on in the last few months (see bug #14 [1]). It contains code by Pablo Sor, Mark Pitt and Zdenek Tlusty and fixes for bugs reported by many others (see [2] for a full list). It adds a do_tty_change_password function that execs

Hi All. Attached is a patch introduces password expiry handling for AIX (other platforms to follow). It is more or less the same as the previous patch but has been updated to reflect recent changes to auth-passwd.c I'm wondering if the AIX parts of auth.c should be moved to port-aix.c and if the generic password change functions (currently at the end of auth-passwd.c) belong in a separate

Hi All. With one eye on the do_pam_chauthtok() stuff I've merged contributions by Pablo Sor and Mark Pitt into a patch against -current. I'm interested in testers and suggestions for improvements. The patch extends the loginrestrictions test to include expired accounts (but unlike Mark's patch, doesn't log accounts with expired passwords unless they're locked) and adds

This is an attempt to simplify the AIX expiry-via-passwd stuff and make it more generic. (There's actually a net reduction in #ifdefs). Patch against CVS: 1) configure finds passwd. 2) sshd uses passwd during session if required. 3) sshd uses passwd for PAM change if privsep disabled. 4) sshd uses Buffers for expire and post-login messages (no longer AIX specific). 5) password_change_required

Is it possible to get sshd to report the number of days till a password expires after a login ? If not, how else could I do it ? Thanks ___________________________________________________________ Paul Faure paul at engsoc.carleton.ca

Hi, I have made a patch for AIX to report the number of days till a password expire and to prompt for a new one. This patch was made for openssh-SNAP-20010904.tar.gz (2.9p2) of the CVS repository. If you have any suggestion or question to submit, please cc to me, I'm not in the list. Bye -- Pablo Sor Departamento de Seguridad Informatica - AFIP psor at afip.gov.ar, psor at ccc.uba.ar

Compile openssh-3.8p1 with gcc and the following flags --prefix=/tmp/build/sshd --with-ssl-dir=/tmp/build/lib --with-utmpx, no PAM. Everything complies correctly, and I changed sshd_config to use "UseLogin yes" When my client connects (using the newer ssh client too), I do not get the message that my password will expire in xx days, but sshd shows that it is picking up that info (next

Hi there, I have just compiled up 3.6.1p2 both with and without Darren Tuckers passexpire patch. However, with the patch applied /etc/nologin isn't displayed to users (on AIX 5.1 / PSSP) The patched vesion seems to fail with "illegal user" - some parts of a debug 3 log... debug1: userauth-request for user ade45 service ssh-connection method none debug1: attempt 0 failures 0

http://bugzilla.mindrot.org/show_bug.cgi?id=1258 Summary: sftp-server run although Subsystem disabled Product: Portable OpenSSH Version: 4.3p1 Platform: Other OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: bitbucket at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=14 ------- Additional Comments From dtucker at zip.com.au 2003-01-09 23:17 ------- Created an attachment (id=199) --> (http://bugzilla.mindrot.org/attachment.cgi?id=199&action=view) Implement password change via /bin/passwd in session. openssh-passexpire10.patch: * Implementes shadow and AIX password expiry. * Adds general expire_message

Hi, OpenSSH 7.8p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

Hello, I'm trying to setup a chroot for one user on my AIX 5.2 system I have tried with openssh 5.0 (don't know where it comes from) and as it didn't work, I have downloaded and compiled the current version (6.6p1) When I connect, password is checked, chroot is done, sftp subsystem is accepted, but I get disconnected without any error Below is all can say about my config (after

I have a few patches for AIX. The patchfile is attached below. The patch has been tested on AIX4.2 and AIX4.3. The patch is on openssh-1.2.1pre25, with openssl-0.94, using RSAref. 1) authenticate support - this function allows the system to determine authentification. Whatever the system allows for login, authenticate will too. It doesn't matter whether it is AFS, DFS, SecureID, local.