I created a new account for testing purposes and put the following limits on
its password age:
Minimum: 0
Maximum: 180
Warning: 0
Inactive: 0
Last Change: Mar 23, 2001
Password Expires: Sep 19, 2001
Password Inactive: Never
Account Expires: Never
(Please note that Inactive is set to 0)
Today is Sep 22. I tried to login via ssh and this is what happens:
root@mosquito:/# ssh [EMAIL PROTECTED]
Enter passphrase for RSA key 'mosquito 11-Ott-2k':
[EMAIL PROTECTED]'s password:
Permission denied, please try again.
[EMAIL PROTECTED]'s password:
If I use telnet (I enabled it only for this test) everything seems to work:
Escape character is '^]'.
Linux & C. - Debian GNU/Linux 2.2 karma
karma login: bofh
Password:
You are required to change your password immediately (password aged)
Changing password for bofh
(current) UNIX password:
This is what I can see from auth.log:
Sep 22 10:23:04 karma sshd[13232]: password expired by aging for "bofh",
continuing
Sep 22 10:23:08 karma sshd[13232]: Accepted rsa for bofh from 151.28.120.93
port 33672
Sep 22 10:23:08 karma PAM_unix[13232]: expired password for user bofh
(password
aged)
Sep 22 10:23:08 karma sshd[13232]: PAM rejected by account configuration:
Authentication token is no longer valid; new one required.
Sep 22 10:23:08 karma sshd[13232]: Faking authloop for illegal user bofh
from 151.28.120.93 port 33672
Sep 22 10:23:14 karma sshd[13232]: Connection closed by 151.28.120.93
Sep 22 10:23:14 karma PAM_unix[13232]: (ssh) session closed for user bofh
I tried doing the same thing on a woody system and it worked just fine.
Is it a problem which affects only potato?
What shall I do to fix it (except upgrading to woody...) ?
--
Luca Gibelli ([EMAIL PROTECTED] || [EMAIL PROTECTED])
PGP Fingerprint: EC7C D6D2 D754 89F8 BDE8 8924 6341 3B07 C2F3 9102
PGP Key Available on: Key Servers || http://gibelli.oltrelinux.com/gibelli.asc
BOFH excuse 179:
The lines are all busy (busied out, that is -- why let them in to begin with?).
PGP signature
