[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian stable, OpenSSH, PAM, and password expiration

On (15/04/05 17:51), FICOS wrote:
> Hi,
> I recently switched a server over to Debian stable, and have run into a 
> problem trying to turn on password aging.  Whenever a user's password is 
> expired SSH won't let them log in, and it acts as if an incorrect 
> password was entered.  After some Googling I was only able to find an 
> old discussion about a similar problem from 2001 that says that it works 
> in unstable but not in stable:
Can't say, it's not something I've examined.

> http://lists.debian.org/debian-devel/2001/04/msg00509.html
> Is this still the case?  Would I need to use the SSH server from 
> unstable to get password aging to work?  If I understand the Debian 
> branches right, though, unstable isn't covered by the security team, 
> which doesn't sound like something I want to live with.  The other 
> option would seem to be just installing OpenSSH from source and keep an 
> eye out for patches, but the reason I went to Debian for this box was to 
> get away from this server's previous incarnation, which was an 
> unmanageable mix of RPMs from several different distribs and 
> compiled-from-source apps.
You have two (amongst many choices):
Upgrade to sarge (which will be the next stable) - not recommended for
servers exposed to the internet but on a LAN, are very solid.

Obtain a backport of a later version of ssh:



> Any tips?  Is this actually fixed in stable and I'm just hitting some 
> other weird bug or do I need to get off of the stable OpenSSH somehow?
> -- 
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact 
> listmaster@lists.debian.org

www.clivemenzies.co.uk ...
...strategies for business

Reply to: