LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-25-2008, 12:23 PM   #1
ssy68
LQ Newbie
 
Registered: Jan 2008
Posts: 10

Rep: Reputation: 0
pam.d/sshd config for passwd expiration


I'm trying to make ssh login force the user to change his password when the password expired. I got the prompt to enter current password, but the new password was never successfully changed.

The console log is:
->ssh sshuser@xx.xx.xx.xx
Password: => I entered current password here
You are required to change your password immediately (root enforced)
Changing password for sshuser
(current) UNIX password: => I entered current password here
Password unchanged

Password: => I entered current password here
You are required to change your password immediately (root enforced)
Changing password for sshuser
(current) UNIX password: => I entered new password
Password: => I entered new password
Permission denied (publickey,keyboard-interactive).


Is this controlled by pam.d/sshd configuration? Is anything wrong with my config file?

my sshd is:
# Begin /etc/pam.d/sshd

auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_limits.so
session optional pam_console.so

# End /etc/pam.d/sshd

Thanks.
 
Old 03-26-2008, 08:41 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
Quote:
Originally Posted by ssy68 View Post
Is this controlled by pam.d/sshd configuration?
Config looks OK. As you see most of the PAM stack is in /etc/pam.d/system-auth, look there. Also the logs may show PAM-related info or warnings.
 
Old 03-26-2008, 11:05 AM   #3
ssy68
LQ Newbie
 
Registered: Jan 2008
Posts: 10

Original Poster
Rep: Reputation: 0
I modified system-auth, now it works. Thanks.
 
Old 03-26-2008, 11:56 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
So, what did you modify?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Swat uses PAM but changes linux passwd not samba passwd Peter@KKVS Linux - Networking 0 11-26-2006 05:20 AM
pam or sshd ignoring max retries; 8 > 3 antieagles Linux - Security 0 09-29-2004 01:45 PM
PAM and sshd, major problems KneeLess *BSD 0 06-06-2004 03:00 PM
/etc/pam.d/passwd leandrop Linux - Security 1 09-30-2003 02:06 PM
Setting up Passwd expiration details deepika Linux - Newbie 1 07-17-2003 05:28 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 04:23 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration