password change after expiry
Marcin N
nichu at WYTNIJ.onet.pl
Wed Mar 12 03:49:26 EDT 2008
Russ Allbery wrote:
> Marcin N <nichu at nospam.onet.pl> writes:
>
>> Oh yeah I forgot to write about it :/
>>
>> I'm using mit-krb5 on gentoo - it's on clients server is on debian
>> (krb5-kdc and krb5-admin-server 1.4.4-7etch4) but probably will be on
>> solaris
>
> What PAM module are you using on Gentoo? I don't know which one they
> ship. Mine should prompt you for a new password for an expired password.
>
> You don't, however, say whether you're using console login or ssh. For
> expired account password changes via ssh, you have to use
> ChallengeResponseAuthentication. PasswordAuthentication doesn't have
> sufficient interactivity in the protocol to handle the prompting.
>
Hi
Thank You for trying to help me :)
pam module on gentoo:
* sys-auth/pam_krb5
Latest version installed: 1.0-r1
Homepage: http://www.fcusack.com/
Description: Pam module for MIT Kerberos V
License: BSD GPL-2 as-is
i'm trying to login via console and ssh - i have
ChallengeResponseAuthentication option enabled i sshd_config.
But it doesn't prompt for password change :/
during login via console there is notice
"Password expired. You must change it now"
and via ssh - it only echoes Connection closed by ...
Regards
nichu
More information about the Kerberos
mailing list