Re: password expire and sshd doesn't allow ppl to change it

To: debian-security@lists.debian.org
Subject: Re: password expire and sshd doesn't allow ppl to change it
From: "Oyvind A. Holm" <sunny@ba.no>
Date: Sat, 22 Sep 2001 15:29:47 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.40.0109221506080.3198-100000@sunba>
In-reply-to: <[🔎] 20010922033331.O14835@plato.local.lan>

On 2001-09-22 03:33 Ethan Benson wrote:

> On Sat, Sep 22, 2001 at 10:30:53AM +0200, Luca Gibelli wrote:
> > I created a new account for testing purposes and put the following
> > limits on its password age:
>
> known bug in potato's ssh, password expiration simply doesn't work
> with it, as soon as it expires ssh denies access flat out. your only
> option is either upgrading to woody or backporting the woody ssh
> package to potato (probably not very hard at all).
>
> i recommend backporting the sid ssh packages to potato. if someone
> hasn't already done that...

In fact I think the OpenSSH distributed with potato should be upgraded.
I could not use the version shipped with potato as it did not
understand protocol 2 which is a must. When trying to install
OpenSSH-2.2p2 (I think) from woody, dependencies with libc6-dev and
locales broke, they expect libc6 = 2.1.3-18, but OpenSSH needs
libc6-2.2.4-1. Quite weird it needs just that specific version - should
not the newer versions also work? Well, it messed up apt-get entirely,
and as a very new Debian user (less than a week) not too used to
apt-get and dpkg I just reinstalled the whole thing.

It resulted in me getting the whole OpenSSH, OpenSSL and zlib,
compiling and putting it under a new directory
/usr/local/noapt/ to avoid collisions with apt-get.

Is there a clean way of upgrading the SSH package and avoid the
conflicts?

Apart from that, Debian is just GREAT. I've been using RedHat since
1997 or something, but that has undoubtedly changed. I like the
philosophy of not moving the bleeding-edge stuff into the stable
release before one's sure it WORKS. And Debian does that.

Having that in mind, I disagree a bit with myself when asking for an
SSH upgrade. :-)

When upgrading from RedHat 6.1 (If it works don't fix it) I had to
examine their 7.1 release closely due to their unstable gcc episode in
7.0. Finding they included the (in my opinion) unstable 2.4.something
kernel, the choice was easy. It had to be Debian. And it will stay that
way.

   - Øyvind

+===================================================================+
| OpenPGP: 0xAD19826C 2000-01-24 Oyvind A. Holm <sunny256@mail.com> |
| Fingerprint: EAE5 DCA0 0626 5DAA 72F8  0435 2E2B E476 AD19 826C   |
+=========== 2 + 2 = 5 for extremely large values of 2. ============+

Reply to:

Follow-Ups:
- Re: password expire and sshd doesn't allow ppl to change it
  - From: Ethan Benson <erbenson@alaska.net>
- Re: password expire and sshd doesn't allow ppl to change it
  - From: Ilkka Tuohela <Ilkka.Tuohela@nixu.com>
- Re: password expire and sshd doesn't allow ppl to change it
  - From: Hubert Chan <hackerhue@geek.com>

References:
- Re: password expire and sshd doesn't allow ppl to change it
  - From: Ethan Benson <erbenson@alaska.net>

Prev by Date: Re: setuid changes
Next by Date: Re: password expire and sshd doesn't allow ppl to change it
Previous by thread: Re: password expire and sshd doesn't allow ppl to change it
Next by thread: Re: password expire and sshd doesn't allow ppl to change it
Index(es):
- Date
- Thread