A couple of problems have been encountered in testing
ssh 1.2.26 on the UNICOS (cray)9.0.2 operating system.
I'm wondering if later versions of ssh have fixed these
problems or if anyone else has encountered them.
The most serious problem is if the user's password
is set to force. This is commonly done for new usrs;
the user password is set to some default value, but it
is also set to force, which means as soon as the user
logs in for the first time, he/she must immediately
change the password. With the debug flag set, this is
what happens:
localhost> slogin cray123
debug: debug: debug: debug: debug: debug: Determine if user [userabc] is allowed
access.
log: executing remote command as user userabc
debug: Returned IA_UDBEXPIRED
Please choose a new password.
debug: Returned IA_UDBPWDNULL
sshd: Login incorrect, (025)
Connection to cray123 closed.
So, it is impossible for the user to login with ssh for the
first login to a UNICOS system running this version of ssh.
It appears to me that ssh can't tolerate the temporary
NULL password state.
The second problem has to do with the users account (accids)
on the UNICOS system. The user must respond to the following
question about what account to use for the ssh session being
initialized:
Your account configuration also allows you to enter any valid account name.
Account (? for available accounts) [xxx.123]:
where xxx.123 is the users default account.
Some users have reported being summarily dumped at this
point, unable to start a UNICOS session at all. Other
users can just carriage return, and proceed. This is
annoying because at the very least, it differs from the
way rlogin works.
I'm interested in hearing from any users who may have
run into these problems, or maybe has a work around for them.
Thanks.
Mary McCann
=====================================================
Mary McCann Vmail: (301) 572-8901 mbox 5330
Email: [EMAIL PROTECTED]
=====================================================
