password about to expire notification - SSH

This is a discussion on password about to expire notification - SSH ; Hi, Is there a way to query SSH periodically in order to obtain a list of users whose password is about to expire in x number of days? Thanks, Van Smith...

+ Reply to Thread
Results 1 to 4 of 4

Thread: password about to expire notification

  1. password about to expire notification

    Hi,

    Is there a way to query SSH periodically in order to obtain a list of
    users whose password is about to expire in x number of days?

    Thanks,

    Van Smith


  2. Re: password about to expire notification

    vsmith23@gmail.com writes:

    > Hi,
    >
    > Is there a way to query SSH periodically in order to obtain a list of
    > users whose password is about to expire in x number of days?


    This is much more a function of the operating system of the machines
    involved and the authentication means used than it is of ssh.

    --
    Todd H.
    http://www.toddh.net/

  3. Re: password about to expire notification

    On 2007-09-13, vsmith23@gmail.com wrote:

    > Is there a way to query SSH periodically in order to obtain a list of
    > users whose password is about to expire in x number of days?


    You want to query the OS, not SSH.

    Details depend on the OS, but may involve options to the passwd command
    and/or numbers in the /etc/shadow file.

    Whether password expiry is worth having is another matter -
    I think it usually isn't.

    --
    Elvis Notargiacomo master AT barefaced DOT cheek
    http://www.notatla.org.uk/goen/

  4. Re: password about to expire notification

    all mail refused wrote:
    > Whether password expiry is worth having is another matter -
    > I think it usually isn't.


    It can actually reduce security, since people being forced to change
    their password before they can get some work done are increasingly
    likely to pick weak passwords and reuse them from other services.

    I agree with Bruce Schneier on this issue: Pick strong,random passwords,
    allow one paper copy of them, but encourage users to treat the written
    down password like a credit card. And don't expire them.

+ Reply to Thread