home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
kermit.columbia.edu
/
kermit.columbia.edu.tar
/
kermit.columbia.edu
/
newsgroups
/
misc.20031118-20041115
/
000407_slash_dev_slas…_2000@yahoo.com_Sun Sep 26 10:59:45 2004.msg
< prev
next >
Wrap
Internet Message Format
|
2004-11-14
|
3KB
Path: newsmaster.cc.columbia.edu!panix!newsfeed.mathworks.com!newsfeed2.dallas1.level3.net!news.level3.com!postnews1.google.com!k17g2000odb.googlegroups.com!not-for-mail
From: "Mark Sapiro" <slash_dev_slash_null_2000@yahoo.com>
Newsgroups: comp.protocols.kermit.misc
Subject: Re: Kermit 95 NOT prompting for new password after expiration
Date: 25 Sep 2004 17:06:56 -0700
Organization: http://groups.google.com
Lines: 55
Message-ID: <1096157216.098407.240810@k17g2000odb.googlegroups.com>
References: <2482a3ad.0409231054.757cd642@posting.google.com>
NNTP-Posting-Host: 209.182.169.133
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
X-Trace: posting.google.com 1096157216 4711 127.0.0.1 (26 Sep 2004 00:06:56 GMT)
X-Complaints-To: groups-abuse@google.com
NNTP-Posting-Date: Sun, 26 Sep 2004 00:06:56 +0000 (UTC)
User-Agent: G2/0.2
Complaints-To: groups-abuse@google.com
Injection-Info: k17g2000odb.googlegroups.com; posting-host=209.182.169.133;
posting-account=iQNWIg0AAAAD2fStXNC9nwGlPdSqjWrI
Xref: newsmaster.cc.columbia.edu comp.protocols.kermit.misc:15184
David Murray wrote:
> Hi:
>
> My company has started to implement hardened/expiring passwords on
all
> of its HP-UX UNIX servers. Prior to the change we had been using
> Kermit 95 GUI (SSH v2 enabled) for about two months without any
issues
> (After some serious scripting work). Anyway, after the expiring
> password change went into effect, we're finding that when a user's
> login expires, they're not being being prompted to change their
login.
> As a result of this apparent limitation, they're contacting MIS and
> we're resetting their passwords for their accounts. Obviously, that
is
> not a permenant solution to the problem. Anyone have any ideas?
>
> Note: I've 'heard' that without the password the user's identify
can't
> be
> authenticated, so SSH won't allow the unauthenticated person to
> reset
> the password. If this is true, then it would seem that SSH
> password
> authentication and expiring passwords are mutually exclusive.
> :*(
I have a similar environment to yours with one of my hosts, but I don't
know if I have the problem or not. The host is an HP 9000/800 running
HP-UX B.11.00. I access the host via Kermit-95 2.1.3 GUI acting as an
SSH v2 client with v2 RSA public/private keys.
Passwords on the host expire roughly every 6 months, but beginning
about 10 days before expiration I see a message at logon that says my
password will expire on X date.
Normally I wait until the password is a day or two from expiring and
change it using the passwd command. I've never had a problem, but I
don't know if I've ever actually let the password expire since I've
been using SSH access. I know the password has expired in the past when
I was using Kermit as a telnet client, but of course that isn't
relevant to this.
I would be willing to let the password expire just to see what happens
as telnet is still available as a backup, but it just expired this
month and won't expire again until February.
I note you refer to "some serious scripting work". Did this include a
login script? Could the password change dialog be getting lost in the
script?
--
Mark Sapiro msapiro at value dot net The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan