Re: OpenSSH and password expiry
On Tue, Nov 12, 2002 at 06:43:47PM -0500, Zak Johnson wrote: > I want to force new users to change their passwords immediately upon > first login. I set the "change" field in master.passwd to 1 (via pw > useradd ... -p 1). Logging in via login(1) works as expected---the user > is prompted to change the password and then logs in as usual. However, > my users only connect via ssh, which instead yields the following logs: To answer my own question: the code for handling expired passwords has been commented out of OpenSSH since 3.1; there are rumours on the list that it may be fixed by 3.6. -Zak To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
OpenSSH and password expiry
[Please CC me on replies, as I am not subscribed to this list.] I want to force new users to change their passwords immediately upon first login. I set the "change" field in master.passwd to 1 (via pw useradd ... -p 1). Logging in via login(1) works as expected---the user is prompted to change the password and then logs in as usual. However, my users only connect via ssh, which instead yields the following logs: PAM rejected by account configuration[12]: Authentication token is no longer valid; new one required. Failed password for testuser from 127.0.0.1 port 3367 ssh2 The user sees: $ ssh testuser@localhost testuser@localhost's password: Connection to localhost closed by remote host. Connection to localhost closed. What have I done wrong? -Zak To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
