03-15-2009
I'd have expected this behaviour to be the way it was designed.
Thinking about it, you're forcing the user to change their password, but how do you know that the correct user is changing the appropriate password? SSH requires you to authenticate to log in - how can you do this if your forcing a password change on the user? SSH can't determine if you're the user in question.
To put it more simply, you need to be authenticated before you're allowed to change your password, for security reasons. Logging in via SSH would mean that the initial authentication is failing/problematic.
I normally set a simple default password for the user and get them to change it themselves after first logging in - there may be easier ways of doing it, but I haven't found it.
10 More Discussions You Might Find Interesting
1. Solaris
Hi, how do I go about forcing users to change their password every, say, 30 days?
Aaron (1 Reply)
Discussion started by: amheck
1 Replies
2. Solaris
Hi,
I would like to login from a Sun server running ssh:
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
to
ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6
How can I achieve this?
Thanks a million in advance (1 Reply)
Discussion started by: newbewie
1 Replies
3. Solaris
Hello All,
I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Discussion started by: tferrazz
8 Replies
4. UNIX for Dummies Questions & Answers
Hi, on a lab computer another user (who is a sudoer) changed my password without my permission. I'm pretty positive it was her, though I can't conclusively prove it. I had my friend, who is another sudoer on the machine, fix it and make me a sudoer now too.
So everything is fine, but I want... (0 Replies)
Discussion started by: declannalced
0 Replies
5. AIX
Hello together,
I have a Problem with openssh on AIX 5.3.
We have a big amount of AIX-hosts that run with openssh but one donīt!
Every time we try to connect via ssh to the host, we get a password prompt.
The myth ist, that there is no Error or somthing else.
Here the output of ssh -vvvv to... (14 Replies)
Discussion started by: heifei
14 Replies
6. Solaris
How do I change root password in SolarisExpress 11?
I used passwd while elevated to root and all it changes is the password of the user I am logged in, not te root password. (2 Replies)
Discussion started by: taltamir
2 Replies
7. Shell Programming and Scripting
I have a master host I want to use to issue some start/stop of LDAP services.
I changed the client hosts /etc/sudoers to have
Defaults:infra !requiretty
The master host kicks off the jobs using the infra account doing a ssh session to the infra account on the clients.
#!/bin/ksh
ps -fu... (5 Replies)
Discussion started by: J-Man
5 Replies
8. Solaris
Hello All,
I have Sun DSEE7 (11g) on Solaris 10.
I have run idsconfig and initialized ldap client with profile created using idsconfig.
My ldap authentication works. Here is my pam.conf
# Authentication management
#
# login service (explicit because of pam_dial_auth)
#
login ... (3 Replies)
Discussion started by: pandu345
3 Replies
9. SuSE
Hi,
I use a software which can create account on many system or application.
One of resource which is managed by this soft his a server SUSE Linux Enterprise Server 10 (x86_64). patch level 3.
This application which is an IBM application use ssh to launch command to create account in... (3 Replies)
Discussion started by: scabarrus
3 Replies
10. Linux
Hi
We have a requirement to vary the minimum password criteria by the group to which a user belongs.
For example a standard user should have a password with a minimum length of 12 and containing a mix of characters whereas an administrator should have a password with a minimum length of 14... (1 Reply)
Discussion started by: gregsih
1 Replies
LEARN ABOUT DEBIAN
lchage
lchage(8) System Manager's Manual lchage(8)
NAME
lchage - Display or change user password policy
SYNOPSIS
lchage [OPTION]... user
DESCRIPTION
Displays or allows changing password policy of user.
OPTIONS
-d, --date=days
Set the date of last password change to days after Jan 1 1970.
-E, --expire=days
Set the account expiration date to days after Jan 1 1970. Set days to -1 to disable account expiration.
-i, --interactive
Ask all questions when connecting to the user database, even if default answers are set up in libuser configuration.
-I, --inactive=days
Disable the account after days after password expires (after the user user is required to change the password).
-l, --list
Only list current user's policy and make no changes.
-m, --mindays=days
Require at least days days between password changes. Set days to 0 to disable this checking.
-M, --maxdays=days
Require changing the password after days since last password change. Set days to 99999 to disable this checking.
-W, --warndays=days
Start warning the user days before password expires (before the user is required to change the password).
EXIT STATUS
The exit status is 0 on success, nonzero on error.
libuser Jan 12 2005 lchage(8)