dear list. I've sent a mail, a few days ago, and did not receive any replies... let me try again.. I'm sure some of know the issue, and are able to shed some light on it. (i had tow questions, this time i'll split the post in two seperate mails, maybe that's better..?) Anyway: I've just setup suse 9.1, ftp install. I've added some users, and and somehow, every morning when i try to logon with my (normal, no root) user id, it says: password has expired, and i have to change it. (expiration date is set to somewhere in 2010... and yes, system time is current) (and it happened every morning for a week now) Could it have something to do with passwords being checked every night, and the system finding my password too weak? This is just a test setup, don't want to have difficult passwords in a test setup... Any ideas? Yours, MOurik Jan
On Thursday 07 October 2004 11:02, Heupink, Mourik Jan C. wrote:
dear list.
I've sent a mail, a few days ago, and did not receive any replies... let me try again.. I'm sure some of know the issue, and are able to shed some light on it. (i had tow questions, this time i'll split the post in two seperate mails, maybe that's better..?)
Yes, IMO it is. That way the subject is consistent with the message. :)
Anyway: I've just setup suse 9.1, ftp install. I've added some users, and and somehow, every morning when i try to logon with my (normal, no root) user id, it says: password has expired, and i have to change it. (expiration date is set to somewhere in 2010... and yes, system time is current) (and it happened every morning for a week now)
Could it have something to do with passwords being checked every night,
Without knowing the cause, that is a possibility.
and the system finding my password too weak? This is just a test setup, don't want to have difficult passwords in a test setup...
1) What do you use to check the paswords? 2) Since when do you check the passwords? 3) Does (temporary?) turning off the password check help? Cheers, Leen
On Thu, 2004-10-07 at 05:02, Heupink, Mourik Jan C. wrote:
dear list.
I've sent a mail, a few days ago, and did not receive any replies... let me try again.. I'm sure some of know the issue, and are able to shed some light on it. (i had tow questions, this time i'll split the post in two seperate mails, maybe that's better..?)
Anyway: I've just setup suse 9.1, ftp install. I've added some users, and and somehow, every morning when i try to logon with my (normal, no root) user id, it says: password has expired, and i have to change it. (expiration date is set to somewhere in 2010... and yes, system time is current) (and it happened every morning for a week now)
Could it have something to do with passwords being checked every night, and the system finding my password too weak? This is just a test setup, don't want to have difficult passwords in a test setup...
Any ideas?
Yours, MOurik Jan
Have you turned off the password checking program to see if it is the culprit? -- Ken Schneider UNIX since 1989 SuSE since 1998 * Only reply to the list please*
The 2004-10-07 at 11:02 +0200, Heupink, Mourik Jan C. wrote:
dear list.
:-)
I've sent a mail, a few days ago, and did not receive any replies...
I remember, but nothing clear occurred to me.
let me try again.. I'm sure some of know the issue, and are able to shed some light on it. (i had tow questions, this time i'll split the post in two seperate mails, maybe that's better..?)
Definitely. The subject should match the contens... many of us do not read all emails, just browse around and read those whose subject is interesting or we can answer or learn from.
Anyway: I've just setup suse 9.1, ftp install. I've added some users, and and somehow, every morning when i try to logon with my (normal, no root) user id, it says: password has expired, and i have to change it. (expiration date is set to somewhere in 2010... and yes, system time is current) (and it happened every morning for a week now)
Could it have something to do with passwords being checked every night, and the system finding my password too weak? This is just a test setup, don't want to have difficult passwords in a test setup...
I don't know, but it could be. I find that a Good Thing To Do... Anyway, test the hypothesis: create a new test user with a difficult password. If it is not reset, that's the problem. -- Cheers, Carlos Robinson
On Thursday, 7 October 2004 11.02, Heupink, Mourik Jan C. wrote:
dear list.
I've sent a mail, a few days ago, and did not receive any replies... let me try again.. I'm sure some of know the issue, and are able to shed some light on it. (i had tow questions, this time i'll split the post in two seperate mails, maybe that's better..?)
Anyway: I've just setup suse 9.1, ftp install. I've added some users, and and somehow, every morning when i try to logon with my (normal, no root) user id, it says: password has expired, and i have to change it. (expiration date is set to somewhere in 2010
where do you see that?
... and yes, system time is current) (and it happened every morning for a week now)
Could it have something to do with passwords being checked every night, and the system finding my password too weak?
Look at the mail sent to root. If the password checker finds any problems it will send a mail detailing them.
On Thursday, 7 October 2004 11.02, Heupink, Mourik Jan C. wrote:
dear list.
I've sent a mail, a few days ago, and did not receive any replies... let me try again.. I'm sure some of know the issue, and are able to shed some light on it. (i had tow questions, this time i'll split the post in two seperate mails, maybe that's better..?)
Anyway: I've just setup suse 9.1, ftp install. I've added some users, and and somehow, every morning when i try to logon with my (normal, no root) user id, it says: password has expired, and i have to change it. (expiration date is set to somewhere in 2010 Is this under Security and Users in Yast? If so those should be days, not years
... and yes, system time is current) (and it happened every morning for a week now)
Could it have something to do with passwords being checked every night, and the system finding my password too weak? Here is a little more help:
When you open the Security settings window, you'll have a few options for setting up some security on your system. By default it has a custom level, which you will now be setting. Click "Next". The next window has password options. At the top where it says "Checks" click the box that says "Checking new passwords" which will keep users from setting bad passwords. Next, in the Password Length section, you should probably raise the "Maximum" length up a few notches, as 8 is nothing but poor. I have mine set at 18, really I just added the one in front. You can also set some password change warnings here, which may come in handy if a lot of users are going to use the system. At this point you can also set a maximum length of time before a user needs to change there password. Click on "Next". The next section should be changed from default: Where it says "Boot permissions" click on the drop down box where it says "Reboot" and select "Ignore" so no one can just reboot your system. This is especially important if you're running a server. Under that, where it says "Automatic" you should select "Only Root". That way no one can just shut the system down. Click "Next". This window will ask you how to interpret certain key combinations. CNTRL + ALT + DELETE and such. If you your server is only for web or email leave these alone. Click "Next". This window allows you to set how long of a delay there is if someone logs in and mistypes a password, or if someone is trying to guess passwords. The default is 3 seconds. This can be left alone unless your seeing a lot of people trying to do dictionary attacks on your box. Dont make too drastic of changes, try making changes of 1-2 seconds at a time. After you have chosen your options, click on "Next". The next setting is for updatedb. This is run every night, and you can select which user runs the command. You won't be typing it if you select your own user name, it in fact just runs with permissions of whichever of the user names you tell it to run as. It will only update files in the database that are accessible by that user. I'd suggest leaving it at "Nobody". Most of the other options here should be left alone unless you know what you're doing. After you have selected what you would like here, click on the "Finish" button, and all the settings will be saved. Have a good day http://www.susenet.com
participants (6)
-
Anders Johansson -
Carlos E. R. -
Heupink, Mourik Jan C. -
Ken Schneider -
Leendert Meyer -
suse-list@fresno.edu