Re: Forcing new password at login (w/o requiring an old password) (sudo related)

From: Darren Tucker (dtucker_at_gate.dodgy.net.au)
Date: 09/03/05

  • Next message: Darren Tucker: "Re: problems regarding "This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin""
    Date: 03 Sep 2005 13:45:56 GMT
    
    

    On 2005-08-25, Andrew Gideon <c182driver@gideon.org> wrote:
    > Darren Tucker wrote:
    >> If you're using PAM then the user will be forced to set a new password
    >> when the existing one expires regardless of the authentication method.
    >
    > What I found in testing is that I could expire the password, which prevents
    > login (even via the key pair). But I never saw the message that should be
    > appearing when in the warning period.

    Password expiry has a surprising number of corner cases and I think that's
    a known one: http://bugzilla.mindrot.org/show_bug.cgi?id=1053

    -- 
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
        Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.
    

  • Next message: Darren Tucker: "Re: problems regarding "This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin""