This is a discussion on Re: Only one chance to enter a new password? - openssh ; On Thu, Jan 19, 2006 at 12:24:19PM +0000, Richard Dickens wrote: > We are using OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004 on various > Solaris boxes with PAM and an LDAP server back end. > > Recently we have added ...
On Thu, Jan 19, 2006 at 12:24:19PM +0000, Richard Dickens wrote:
> We are using OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004 on various
> Solaris boxes with PAM and an LDAP server back end.
> Recently we have added a requirement for users to have complex
> passwords. The problem is, if a user's password has expired, when they
> log in they are prompted for a new password (good) but if they enter a
> non-complex new password the session is closed rather than reprompting
> them for another try. With some PC clients they see nothing which is
> causing a lot of support calls...
How does 4.2p1 (or better, a current snapshot) behave with regard to this?
There were several changes in that area since 3.9.
> Is they any way to reprompt the user for another password?
Depends on exactly what's going on. Can you post the output from the
client while this is going on? (ssh -vvv yourserver)
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
openssh-unix-dev mailing list