https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410628#M859062 This likely a standard system (ie, not Trusted). The problem is that the MAXIMUM password for allowed for a non-Trusted system is 8 characters. If you create or type a password with 9 characters, the extra character(s) will be ignored. Technically, that's not a desirable behavior and it does not match ssh which will try to match a 9 character encryption to an 8 character encryption (and always fails). Bottom line: To avoid compatibility issues, never use more than 8 characters for a non-Trusted system password. Wed, 17 Nov 2004 21:37:09 GMT Bill Hassell 2004-11-17T21:37:09Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410619#M859053 I' am using Secure shell : A.03.81.002<BR /><BR />login works find using ssh and PUTTY client.<BR /><BR />If user changes his password, the change succeeds but on next (ssh) logon user is rejected:<BR /><BR />Failed password for <USER> from A.B.C.D port 3000 ssh2<BR /><BR />A telnet logon with new passowrd works find !!!<BR /><BR />Any ideas (I have absolutely none)<BR /><BR />Regards<BR />Rainer</USER> Fri, 29 Oct 2004 04:46:02 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410619#M859053 Rainer von Bongartz 2004-10-29T04:46:02Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410620#M859054 Hello Rainer von Bongartz<BR /><BR />It seems strange.<BR />You can check and looking for more in this website:<BR /><A href="http://www.ssh.com/support/downloads/secureshellserver/updates-and-packages-3-1.html" target="_blank">http://www.ssh.com/support/downloads/secureshellserver/updates-and-packages-3-1.html</A><BR />It is a good site talking about SSH.<BR /><BR />Hope this helps<BR />Regard,<BR />Jimkery Fri, 29 Oct 2004 05:23:41 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410620#M859054 Hoang Chi Cong_1 2004-10-29T05:23:41Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410621#M859055 Lets see what we can do.<BR />start a new sshd.<BR />sshd -ddd -p "some_other_port"<BR /><BR />Try connecting and post Fri, 29 Oct 2004 06:16:42 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410621#M859055 RAC_1 2004-10-29T06:16:42Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410622#M859056 here's the output of the connect <BR /><BR />User can definitly logon on telnet prot with this password<BR /><BR />Rainer Fri, 29 Oct 2004 06:29:06 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410622#M859056 Rainer von Bongartz 2004-10-29T06:29:06Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410623#M859057 btw. problems seems to arise after upgrading from<BR /><BR />HP-UX Secure Shell A.03.61.002<BR /> to<BR />HP-UX Secure Shell A.03.81.002 Fri, 29 Oct 2004 06:33:10 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410623#M859057 Rainer von Bongartz 2004-10-29T06:33:10Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410624#M859058 On ssh server, check sshd_config file.<BR />Is PAM setting set to yes?? If not set it and try.<BR />Post the results.<BR /><BR />Anil Fri, 29 Oct 2004 07:01:24 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410624#M859058 RAC_1 2004-10-29T07:01:24Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410625#M859059 Got it:<BR /><BR />specification in /etc/default/security<BR /><BR />MIN_PASSWORD_LENGTH=8<BR /><BR />if you now change your password to 9 characters you cannot log in using ssh but still logon on telnet port using this 9-character password.<BR /><BR />I see no reason for this behaviour as MIN_PASSWORD_LENGTH specifies a minimum password length and not a maximum password length !!!<BR /><BR />Also I don't see the reason for the different behaviour of ssh and telnet.<BR /><BR />Perhaps somebody could shed some light on this ??<BR /><BR />Regards<BR />Rainer Fri, 29 Oct 2004 07:26:56 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410625#M859059 Rainer von Bongartz 2004-10-29T07:26:56Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410626#M859060 I am having the same problem. Does anyone have a solution? The only difference in my situation is that I have not changed the Minimum password length paramater. A nine character password will fail for ssh, but work fine for telnet. Wed, 17 Nov 2004 10:19:09 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410626#M859060 Jeffrey Heneks_2 2004-11-17T10:19:09Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410627#M859061 Trusted Mode, ShadowPasswords, or standard? I want to know where to concentrate. Wed, 17 Nov 2004 19:41:21 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410627#M859061 Jordan Bean 2004-11-17T19:41:21Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410628#M859062 This likely a standard system (ie, not Trusted). The problem is that the MAXIMUM password for allowed for a non-Trusted system is 8 characters. If you create or type a password with 9 characters, the extra character(s) will be ignored. Technically, that's not a desirable behavior and it does not match ssh which will try to match a 9 character encryption to an 8 character encryption (and always fails). Bottom line: To avoid compatibility issues, never use more than 8 characters for a non-Trusted system password. Wed, 17 Nov 2004 21:37:09 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-password-problems/m-p/3410628#M859062 Bill Hassell 2004-11-17T21:37:09Z