Just had a look at adding support for PAM_NEW_AUTHTOK_REQ in dropbear like so:
--- a/svr-authpam.c
+++ b/svr-authpam.c
- if ((rc = pam_acct_mgmt(pamHandlep, 0)) != PAM_SUCCESS) {
+ rc = pam_acct_mgmt(pamHandlep, 0);
+ if (rc == PAM_NEW_AUTHTOK_REQD) {
+ rc = pam_chau
On Tue, 2016-04-19 at 12:59 +0200, Joakim Tjernlund wrote:
> Just had a look at adding support for PAM_NEW_AUTHTOK_REQ in dropbear like so:
> --- a/svr-authpam.c
> +++ b/svr-authpam.c
> - if ((rc = pam_acct_mgmt(pamHandlep, 0)) != PAM_SUCCESS) {
> + rc = pam_acct_mgmt(pamHandlep, 0);
>
Hi Joakim,
Does this work for changing passwords? I'm not entirely clear on what
pam_chauthtok() does, but if it tries a PAM conversation with the user it won't
work - Dropbear's PAM password login is a bit of a hack to just reply with the
given password. (There's a branch
https://secure.ucc.a
On Fri, 2016-04-22 at 21:48 +0800, Matt Johnston wrote:
> Hi Joakim,
>
> Does this work for changing passwords? I'm not entirely clear on what
> pam_chauthtok() does, but if it tries
Yes, it is about changing passwd. pam_chauthtok() is the pam function that does
that.
However, I decided to ta
On Fri, 2016-04-22 at 21:48 +0800, Matt Johnston wrote:
> Hi Joakim,
>
> Does this work for changing passwords? I'm not entirely clear on what
> pam_chauthtok() does, but if it tries
> a PAM conversation with the user it won't work - Dropbear's PAM password
> login is a bit of a hack to just
> r
