Re: password expire and sshd doesn't allow ppl to change it
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Oyvind" == Oyvind A Holm <email@example.com> writes:
Oyvind> In fact I think the OpenSSH distributed with potato should be
Oyvind> upgraded. I could not use the version shipped with potato as it
Oyvind> did not understand protocol 2 which is a must.
Note: just because it is a must for you doesn't mean that you have the
right to insist that the version in potato gets upgraded. They only
upgrade potato packages to fix security problems, and maybe serious bugs
too. There are plenty of packages in potato that are missing features
that people need. If you need a newer version, either upgrade to woody
or sid, or compile from source.
Oyvind> When trying to install OpenSSH-2.2p2 (I think) from woody,
Oyvind> dependencies with libc6-dev and locales broke, they expect libc6
Oyvind> = 2.1.3-18, but OpenSSH needs libc6-2.2.4-1.
It's generally a bad idea (as you found out) to install woody packages
on a potato box. Compile the source instead. Or upgrade the whole
system to woody. Or sid.
Oyvind> It resulted in me getting the whole OpenSSH, OpenSSL and zlib,
Oyvind> compiling and putting it under a new directory /usr/local/noapt/
Oyvind> to avoid collisions with apt-get.
What you want to do is:
# apt-get build-dep openssh
And you may need to apt-get install fakeroot, if you haven't already.
Then as a normal user (in your home directory, or a subdirectory
# apt-get source openssh
# cd openssh-<version number>
# fakeroot debian/rules binary
# cd ..
And then, as root:
# dpkg -i <all the .deb files that it created>
If problems arise in the build process, you may need to muck around in
the debian/rules script, or some other things in the debian directory.
Of course, this is all assuming that you have the appropriate source
lines in your sources.list file.
Hubert Chan <firstname.lastname@example.org> - http://www.geocities.com/hubertchan/
PGP/GnuPG key: 1024D/71FDA37F
Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F
Key available at wwwkeys.pgp.net. Please encrypt *all* e-mail to me.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----