Re: OpenSSH 3.4 on 5.2 can't connect when password expires

From: John Jolet (john.jolet@FXFN.COM)
Date: Mon Apr 14 2003 - 14:34:00 EDT

• Next message: Alan Vidmar: "OpenSSH 3.6.1p1"
• Previous message: Barry Finkel: "Re: head or tail"
• Maybe in reply to: Wesley Joyce: "OpenSSH 3.4 on 5.2 can't connect when password expires"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

ssh will prompt you to change your password when it's expired. i wouldnt'
call it a problem. It might depend on the "use login" feature of the
sshd_config file.

-----Original Message-----
From: Wesley Joyce [mailto:wjoyce@UVI.EDU]
Sent: Monday, April 14, 2003 1:23 PM
To: aix-l@Princeton.EDU
Subject: Re: OpenSSH 3.4 on 5.2 can't connect when password expires

Well.... telnet access for example prompts a user to change the password
when their password expires. Obviously I am getting rid of telnet and
replacing it with SSH. So is this a security feature of OpenSSH? Note
that ssh.com doesn't have this problem (security feature), at least on my
4.3.3 host.

And yes, root is not allowed to log on remotely.

Still looking for an answer...

At 11:59 AM 4/14/2003, MARLON BORBA wrote:

>AFAIK the normal procedures for expired passwords (i.e. resetting the
>password, clearing failed login count, unblocking user's account etc).
>
>I presume you are a security-aware admin and only allow root logins from
>console and SUDO for privileged commands, right? :-)
>
>HTH,
>
>Marlon.
>
>/*
>Marlon Borba
>Divisao de Suporte Tecnico
>TRF 3a. Regiao
>(11) 3311-4683 e 9692-8357
>mborba@trf3.gov.br - marlonborba@acm.org
>-------
>Association for Computing Machinery
>Member #UK42160
>Internet Society
>Member #1330387
>*/
>
> >>> wjoyce@UVI.EDU 14/04/03 12:37 >>>
>Greetings, what is the fix for not being able to log on to an AIX 5.2 host
>running AIX Linux Toolbox's OpenSSH 3.4p1 when the users password has
expired?
>
>
>
>Wesley Joyce, Systems Administrator
>Center for Administrative Computing (CAC), IT
>University of the Virgin Islands
>#2 John Brewers Bay, St. Thomas, USVI 00802-9990
>(340) 693-1469 (voice) / (340) 693-1465 (fax)
>http://www.uvi.edu
>
>"If you can't explain it simply, than you don't know it well enough. -
>Unknown."
>
>
>
>
>---
>Incoming mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.471 / Virus Database: 269 - Release Date: 4/10/2003

• Next message: Alan Vidmar: "OpenSSH 3.6.1p1"
• Previous message: Barry Finkel: "Re: head or tail"
• Maybe in reply to: Wesley Joyce: "OpenSSH 3.4 on 5.2 can't connect when password expires"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:44 EDT