similar to: [Bug 14] Can't change expired /etc/shadow password without PAM

http://bugzilla.mindrot.org/show_bug.cgi?id=14 ------- Additional Comments From dtucker at zip.com.au 2003-01-09 23:17 ------- Created an attachment (id=199) --> (http://bugzilla.mindrot.org/attachment.cgi?id=199&action=view) Implement password change via /bin/passwd in session. openssh-passexpire10.patch: * Implementes shadow and AIX password expiry. * Adds general expire_message

http://bugzilla.mindrot.org/show_bug.cgi?id=14 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- BugsThisDependsOn| |463 ------- Additional Comments From dtucker at zip.com.au 2003-05-17 15:18 ------- Scott Burch found a bug in the PAM+PrivSep case

http://bugzilla.mindrot.org/show_bug.cgi?id=14 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- OtherBugsDependingO| |793 nThis| | ------- You are receiving this mail because: ------- You are on the CC list for

I have tried this patch (against 3.5p1) and would very much like it to be in the OpenSSH 3.6p1 release, if possible: http://bugzilla.mindrot.org/show_bug.cgi?id=14 On that note, I'd like the Sun BSM patch to be included also, if possible. I have it working applied to 3.5p1: http://bugzilla.mindrot.org/show_bug.cgi?id=125 In fact, both patches work together, apparently. If I have any

http://bugzilla.mindrot.org/show_bug.cgi?id=14 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From dtucker at zip.com.au 2003-04-15 09:57 ------- Patch against 3.6.1p1 now available. No

http://bugzilla.mindrot.org/show_bug.cgi?id=14 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #215 is|0 |1 obsolete| | ------- Additional Comments From dtucker at zip.com.au 2003-02-20 20:51 -------

http://bugzilla.mindrot.org/show_bug.cgi?id=14 ------- Additional Comments From dwd at bell-labs.com 2001-11-10 08:17 ------- Created an attachment (id=5) add suggested patch ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=14 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|openssh-unix-dev at mindrot.org|stevesk at pobox.com Status|ASSIGNED |NEW ------- Additional Comments From stevesk at pobox.com

http://bugzilla.mindrot.org/show_bug.cgi?id=14 ------- Additional Comments From stevesk at pobox.com 2002-05-12 04:04 ------- i'm not immediately positive if no_port_forwarding_flag=1 is sufficient. need to investigate more. ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

http://bugzilla.mindrot.org/show_bug.cgi?id=14 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- OtherBugsDependingO| |627 nThis| | ------- You are receiving this mail because: ------- You are on the CC list for the

http://bugzilla.mindrot.org/show_bug.cgi?id=822 Bug 822 depends on bug 463, which changed state. Bug 463 Summary: PrintLastLog doesn't work in privsep mode http://bugzilla.mindrot.org/show_bug.cgi?id=463 What |Old Value |New Value ---------------------------------------------------------------------------- Resolution|FIXED |

http://bugzilla.mindrot.org/show_bug.cgi?id=463 m4gw4s at gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|CLOSED |REOPENED Resolution|FIXED | ------- Comment #17 from m4gw4s at gmail.com 2006-10-27 23:31 -------

http://bugzilla.mindrot.org/show_bug.cgi?id=463 ------- Additional Comments From dtucker at zip.com.au 2003-05-10 12:59 ------- I've had a look at the OpenBSD source and I don't think OpenBSD *needs* a "Buffer loginmsg" right now. PrintLastLog can be easily fixed by updating s->last_login_time before the privsep split. So, is there another reason OpenBSD needs (or

http://bugzilla.mindrot.org/show_bug.cgi?id=822 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- BugsThisDependsOn| |884 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=808 Summary: segfault if not using pam/keyboard-interactive mech and password's expired Product: Portable OpenSSH Version: 3.8p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: PAM support

http://bugzilla.mindrot.org/show_bug.cgi?id=463 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #235 is|0 |1 obsolete| | Attachment #288 is|0 |1 obsolete|

http://bugzilla.mindrot.org/show_bug.cgi?id=463 Summary: PrintLastLog doesn't work in privsep mode Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=463 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Additional Comments From djm at mindrot.org 2003-06-28 17:48

Hi All. Attached is a patch that implements password expiry with PAM and privsep. It works by passing a descriptor to the tty to the monitor, which sets up a child with that tty as stdin/stdout/stderr, then runs chauthtok(). No setuid helpers. I used some parts of Michael Steffens' patch (bugid #423) to make it work on HP-UX. It's still rough but it works. Tested on Solaris 8 and

Without giving a solution, I want to mention the following problem: Not only changing expired passwords when privilege separation is enabled in combination with PAM is not working (although the current patches seem to solve this one). Also some PAM session modules do not work the way they are supposed to. For instance, the pam_lastlog module. This module gets and updates the last successful