Environment:
HP-UX 11.11 with June 2005 Gold patches
HP-UX Secure Shell-A.04.10.002
Trusted Security is enabled.
When I telnet to the server, I get password expiration messages. For example:
telnet myserver
login: testuser
Password:
Last successful login for testuser: Wed Nov 2 18:20:15 EST5EDT 2005 on pts/ta
Last unsuccessful login for testuser: Wed Nov 2 12:14:09 EST5EDT 2005
Your password will expire on Wed Nov 2 21:15:15 EST5EDT 2005
==============================================================
When I use ssh with the following sshd_config configuration options, I don't receive expiration notices:
PasswordAuthentication yes
ChallengeResponseAuthentication no
UsePAM yes
ssh myserver
testuser@myserver's password:
Last login: Wed Nov 2 18:20:31 2005 from myserver
=============================================
PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePAM yes
testuser@myserver's password:
Last login: Wed Nov 2 18:20:31 2005 from myserver
============================================
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
ssh myserver
Permission denied (publickey)
============================================
PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePAM no
ssh myserver
Permission denied (publickey,keyboard-interactive)
==================================================
If I disable PAM, then I do get a slightly different password expiration notice, but I can't logon to accounts that have passwords greater than 8 characters.
PasswordAuthentication yes
ChallengeResponseAuthentication no
UsePAM no
ssh myserver
Your password will expire in 1 day.
Last login: Wed Nov 2 18:28:45 2005 from myserver
==================================================
So, is there some other configuration scenario that will provide secure shell logins with similar information as telnet?
(As a workaround I'm using a cron script to notify users, as per examples in earlier threads).
