> As for prompting for a password even with RSA authentication, this would > severly break configurations using ssh to copy files and run scripts > automatically (without requiring a password). What if your cron'd remote > mirroring scp fails (for 2 days straight) because your password expired on > a Saturday and it prompts you to change it even though you use RSA key > authentication for your scripts ? I can think of many more examples where > the above would be unwanted. Then the admin should remove expiry info for that account. Bypassing a security feature for the sake of laziness isn't a good excuse. -- -----------=======-=-======-=========-----------=====------------=-=------ / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` bcollins@debian.org -- bcollins@openldap.org -- bcollins@linux.com ' `---=========------=======-------------=-=-----=-===-======-------=--=---'
