erbenson@alaska.net said: > scp does not create an interactive session, so it should be possible > for ssh to eschew password change enforcment for non-interactive > sessions. > this would allow users to avoid it by logging in by ssh host /bin/bash > but if they are that stubborn they will find other ways to get out of > changing their password. Sure, but it still ought to consume any grace logins the user has left, so once the password expires for good, all logins, passworded or not, should fail.
