SUMMARY(2): SSH2 & forcing password problem

From: <dominik_kowalczyk_at_poczta.fm>
Date: Wed Jan 14 2004 - 09:05:13 EST
there were some requests to say more about scripts...

so in fact it's nothing big;
1. creating user:
scipt creates user, set default (not blank!!!) start password and create
stamp-file (e.g. $LOGNAME.pass)
2. first login
in profile there is executed script to check if stamp-file exists, if yes,
user is asked for a new password (standard passwd $LOGNAME command);
after password has been changed stamp-file is deleted;
3. IMPORTANT: we cannot allow password to expire (SSH2 not support password
forcing!)
I've written script to check passwords' expire date, and if (lets say) 7 days
left, a stamp-file is created again and user is forced to change password
if use this idea, the passwords will never expire
4. change password
the script deletes the user's password (not necessary in fact), set default
one and create stamp-file to force user to change the default password during
the first login;

and it works fine for me:)
is this answer ok?


pozdr,
DK

__________________________________________________________________________
> hey,
>
> in fact I didn't get the answer for my question, but I've found sth on
> the
> net...
>
> so:
> this is well known bug: SSH2 supports passwords aging but doesn't support
> password root forcing yet(!!!) (acording to Darren Tuckers' OpenSSH site)
>
> what I've done:
> I've written a script that force user to change the password during first
> login and second one to monitor passwords' aging (we cannot allow password
> to
> expire!!!)
>
>
>
> pozdr,
> DK
>
> ___________________________________________________________________________
> > hey,
> >
> > I've installed ssh2 and since then I've got problem with forcing for a
> > new
> > password- does anyone had the same and have any solution for this???
> >
> > I've tried SSH2 3.1.0 and OpenSSH 3.7.1p2 and the result was the
> same...In
> > the
> > past, when I had SSH1 installed, everything was ok;
> >
> >
> > does anyone has asny idea or any other solution to force user to change
> > his
> > default password during the first login?
> >
> >
> >
> > thanks in advance,
> > DK
> > _______________________________________________
> > sunmanagers mailing list
> > sunmanagers@sunmanagers.org
> > http://www.sunmanagers.org/mailman/listinfo/sunmanagers
> _______________________________________________
> sunmanagers mailing list
> sunmanagers@sunmanagers.org
> http://www.sunmanagers.org/mailman/listinfo/sunmanagers
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Wed Jan 14 09:05:05 2004

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:26 EST