Re: Forcing new password at login (w/o requiring an old password) (sudo related)
From: Darren Tucker (dtucker_at_gate.dodgy.net.au)
Date: 03 Sep 2005 13:45:56 GMT
On 2005-08-25, Andrew Gideon <email@example.com> wrote:
> Darren Tucker wrote:
>> If you're using PAM then the user will be forced to set a new password
>> when the existing one expires regardless of the authentication method.
> What I found in testing is that I could expire the password, which prevents
> login (even via the key pair). But I never saw the message that should be
> appearing when in the warning period.
Password expiry has a surprising number of corner cases and I think that's
a known one: http://bugzilla.mindrot.org/show_bug.cgi?id=1053
-- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.