Re: Forcing new password at login (w/o requiring an old password) (sudo related)
From: Darren Tucker (dtucker_at_gate.dodgy.net.au)
Date: 09/03/05
- Previous message: Angry American: "Re: allowing sftp but not ssh?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 03 Sep 2005 13:45:56 GMT
On 2005-08-25, Andrew Gideon <c182driver@gideon.org> wrote:
> Darren Tucker wrote:
>> If you're using PAM then the user will be forced to set a new password
>> when the existing one expires regardless of the authentication method.
>
> What I found in testing is that I could expire the password, which prevents
> login (even via the key pair). But I never saw the message that should be
> appearing when in the warning period.
Password expiry has a surprising number of corner cases and I think that's
a known one: http://bugzilla.mindrot.org/show_bug.cgi?id=1053
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- Previous message: Angry American: "Re: allowing sftp but not ssh?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
