I created a new account for testing purposes and put the following limits on its password age:
Minimum: 0 Maximum: 180 Warning: 0 Inactive: 0 Last Change: Mar 23, 2001 Password Expires: Sep 19, 2001 Password Inactive: Never Account Expires: Never (Please note that Inactive is set to 0) Today is Sep 22. I tried to login via ssh and this is what happens: [EMAIL PROTECTED]:/# ssh [EMAIL PROTECTED] Enter passphrase for RSA key 'mosquito 11-Ott-2k': [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: If I use telnet (I enabled it only for this test) everything seems to work: Escape character is '^]'. Linux & C. - Debian GNU/Linux 2.2 karma karma login: bofh Password: You are required to change your password immediately (password aged) Changing password for bofh (current) UNIX password: This is what I can see from auth.log: Sep 22 10:23:04 karma sshd[13232]: password expired by aging for "bofh", continuing Sep 22 10:23:08 karma sshd[13232]: Accepted rsa for bofh from 151.28.120.93 port 33672 Sep 22 10:23:08 karma PAM_unix[13232]: expired password for user bofh (password aged) Sep 22 10:23:08 karma sshd[13232]: PAM rejected by account configuration: Authentication token is no longer valid; new one required. Sep 22 10:23:08 karma sshd[13232]: Faking authloop for illegal user bofh from 151.28.120.93 port 33672 Sep 22 10:23:14 karma sshd[13232]: Connection closed by 151.28.120.93 Sep 22 10:23:14 karma PAM_unix[13232]: (ssh) session closed for user bofh I tried doing the same thing on a woody system and it worked just fine. Is it a problem which affects only potato? What shall I do to fix it (except upgrading to woody...) ? -- Luca Gibelli ([EMAIL PROTECTED] || [EMAIL PROTECTED]) PGP Fingerprint: EC7C D6D2 D754 89F8 BDE8 8924 6341 3B07 C2F3 9102 PGP Key Available on: Key Servers || http://gibelli.oltrelinux.com/gibelli.asc BOFH excuse 179: The lines are all busy (busied out, that is -- why let them in to begin with?).
pgpw26CYN3LpS.pgp
Description: PGP signature
