[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Change Password when Password Expires



On Sat, 15 Apr 2000, paul wrote:

> How can I setup PAM so that when a users password has expired, it prompts
> the user to change it.

> I modified the login program to do this, but that does no good when a
> user logs in via ssh of telnet. I figure that the best place to make the
> changes is in PAM.

> Any body done this before ?

Anything that works for login will also work for telnet, because telnet calls
login to do the authentication.

Making this work from ssh is a bit of a problem:  for whatever reason, sshd
deals with expired passwords by invoking '/usr/bin/passwd <username>', which
only works if run as root.  This is something that should probably be
addressed, so that sshd calls pam_chauthtok() instead on pam-enabled systems.

Steve Langasek
postmodern programmer



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []