On Sun, 10 Sep 2000, Ethan Benson wrote: > On Sun, Sep 10, 2000 at 03:57:37PM -0400, Paul Nicholas Faure wrote: > > > telnet just spawns /bin/login so it uses /etc/pam.d/login > > > > > > ssh is just broken in regards to handling expiration correctly > > > (OpenSSH 1.2.3 will just deny access when a password is expired, when > > > it should force the user to change it) > > > > > > annoying. (i don't know how to fix it unforunatly) > > > > I have openssh-2.1.1p4-1, and it allows access if the pssword expired, but > > give a nice little warning "Your password has expired, please change it.". > > hmm that must be fixed in openssh 2 (notice above i mention openssh > 1.2.3) Just upgraded to the latest and greatest (openssh-2.2.0p1-2), and the error is still there... > > Does regular SSH have this same problem ? > > you mean ssh-nonfree? i have no idea i have not used that since > openssh came along. Yea, ssh-nonfree. I could use it, because it is now free to Universities. > does openssh2 force the user to change the password or just nag them? > it really needs to force the issue like login does to be effective. OpenSSH2 nags the users. No force. -- Paul Faure paul@paulfaure.com Carleton University Systems Engineer 3rd Year paul@porkchop.org Engsoc Admin/BOG Technical Director paul@engsoc.org
