Julian Elischer <[EMAIL PROTECTED]> writes: > Ok so we'll have to miss 4.8. Does making it work for PAM allow it to > work for ssh?
I don't understand what you mean - PAM already supports password expiry and changing, so it should work for console logins at least (though to be honest I never tested it very thoroughly). The problem with ssh is that password changing is supposed to happen at a later point than authentication, and the way the monitor currently works makes it very awkward to implement. For PAM, I can probably cheat by pretending that password changing is part of the authentication procedure (which it normally isn't in ssh), but it'll only work for ssh2 since the ssh1 challenge-response mechanism doesn't allow multiple challenges. DES -- Dag-Erling Smørgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
