Hello ,
Check whether the password management and the authentication management
are using the same module for . If the authentication is using PAM Kerberos and
password change is using PAM Unix then that can be a problem .
Regards
Bandi
Lucian Daniel Kafka wrote:
> Hi folks!
>
> Today I have been faced with a strange problem.
>
> I have tried to ssh into a box (RH 7.1) as root (nothing unusual), and was
> prompted with the following message:
>
> #You are required to change your password immediately (password aged)
> #Warning: Your password has expired, please change it now
> #Changing password for root
> #(current) UNIX password:
>
> After entering the current password, the response was:
>
> #You must wait longer to change your password
>
> The corresponding /var/log/secure entries were:
>
> # Accepted password for ROOT from 203.98.95.236 port 1107
> # fatal: PAM pam_chauthtok failed[20]: Authentication token manipulation error
>
> The PAM rpm version is: pam-0.75-18.7
>
> So as a result it was impossible to log in at all. Anyone has seen this
> before and knows what the problem is?
>
> Cheers,
>
> Luci
>
> _______________________________________________
>
> Pam-list@redhat.com
> https://listman.redhat.com/mailman/listinfo/pam-list
