Re: Password Ageing
From: Markus Friedl (markus_at_openbsd.org)
Date: Thu, 25 Aug 2005 09:53:20 +0200 To: "Baker, Darryl" <Darryl.Baker@gedas.com>
On Tue, Aug 23, 2005 at 12:45:46PM -0400, Baker, Darryl wrote:
> Our corporate security policy requires us to turn on password ageing. I'm
> trying to figure out what the effects are to openssh users. This is on
> Solaris 8 & 9 with openssh 3.9p1.
> I have several questions:
> 1) Will ssh users ever see the warnings about their password
> approaching expiration?
> 2) If the password has expired will they still be able to log in:
> a) using a password?
> b) using a key?
yes, since its passwd expiration, and not account expiration. they
are something different.
> 3) Would UseLogin improve any of this?
uselogin is not recommended.