Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Fwd: password expiring problem

from [Igor Trevisan] Network Security [Permanent Link]
Subject: Fwd: password expiring problem
Date: Fri, 27 Jul 2007 08:45:29 +0200 
Maybe my answer didn't reach the list.
I send it again...
See below.



Jul 23 12:59:35 freescale auth.info sshd[1816]: User igotre password
has expired (root forced)


This means that sshd found a zero in the sp_lstchg field in the
/etc/shadow file (if yours has the same layout as mine, it's the field
immediately after the encrypted password).


Yes, the field value was zero.


So what's happening is that sshd thinks your password has expired so it
runs "passwd", but passwd either isn't clearing the setting that says
that the password needs changing, or it's deliberately resetting it.


It seems that passwd doesn't do anything with that field. It remains zero
also after a password update.
Note that I'm using busybox passwd command an my board.


 You can probably work around it by manually editing /etc/shadow to
remove the zero from that field.


Yes, I did this way and the problem has been solved.


 Does your passwd program actually support the shadow password expiry
fields?  If you run it from a shell, does it clear the field?


It doesn't affect the "password expiry field" as I told.


Oh, and since the sp_lstchg field is "days since Jan 1, 1970", does your
board have a clock, or does it think it's still in the 70s?  If the
apparent date is still Jan 1, 1970 that would probably cause passwd to
write a zero to that field when a password is changed.


When the board starts it's in the '70s but I set up the correct date
by hand. At this time it goes this way... I'm still in the beginning stage
of my project development....


 [...]

Jul 23 12:59:35 freescale auth.err sshd[1821]: error: open /dev/tty
failed - could not set controlling tty: Permission denied


That's a separate problem but probably unrelated: the permissions on the

/dev/tty device special are probably wrong.  It should be mode 666.



Yes, this was a completely different matter and I could solve it in
the meanwhile
 changing the file permission of the tty device as you said.

Thanks a lot Darren for your detailed and clear answer.


Igor.

-- 
"C'e' chi nasce leone e chi nasce gazzella.
Io sono nato orso!"
-- I.T. --

-- 
"C'e' chi nasce leone e chi nasce gazzella.
Io sono nato orso!"
-- I.T. --
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: OpenSSH's sshd drops connections, maf
Next by Date:  Re: error: open /dev/tty failed - could not set controlling tty: No such device or address, Orlin Gueorguiev
Previous by Thread:  Re: password expiring problem, Darren Tucker
Next by Thread:  OpenSSH 4.3p2 -> 4.3p2; gssapi problem., Edward Roper
Indexes:  [Date] [Thread] [Top] [All Lists]