Re: SSH ignores locked accounts
From: Vahid (sunman_at_ureach.com)
Date: 11/04/03
- Previous message: Chris: "openssh with empty passwords in DU"
- In reply to: Darren Tucker: "Re: SSH ignores locked accounts"
- Next in thread: UnixFan: "Re: SSH ignores locked accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 4 Nov 2003 14:00:02 -0800
Yes, that is now working in 3.7p1. Thank you.
I have been planning to upgrad our OpenSSH but it seems each snapshot
is better that the previous one, so I am not sure if I should wait
until not much update is done to openssh or just get the latest
snapshot and roll it out?
Also, I am not sure where is the release version in the snapshot and
in general if is it a good idea to get the latest snapshot or not.
Thanks again,
Vahid.
dtucker@dodgy.net.au (Darren Tucker) wrote in message news:<bo55jd$nsn$1@gate.dodgy.net.au>...
> In article <64b3dda3.0311021801.3116d7fa@posting.google.com>,
> Vahid <sunman@ureach.com> wrote:
> >In almost all versions of OpenSSSh, if key-based trust is used for an
> >account, the user can log-on to the system even if the account is
> >locked. In Solaris "*LK*" in password fiels of /etc/shadow file
> >indicates a locked account and it is ignored by openssh.
> >Is there a work-around or we have to live with it?
>
> As of 3.7p1 sshd will honour the locked account settings on Solaris
> (and many other platforms). The changes would be relatively easy to
> back-port to previous versions if someone was so inclined. If you're
> going to upgrade 3.7.1p2 is recommended.
- Previous message: Chris: "openssh with empty passwords in DU"
- In reply to: Darren Tucker: "Re: SSH ignores locked accounts"
- Next in thread: UnixFan: "Re: SSH ignores locked accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
