on one of the boxes I don't control at work I use ssh keys to log in. Our passwords are set to expire after a few months. What happens if I don't reset my password and it expires? will I still be able to login? Does what happens depend on some sshd setting? or some pam setting?
Linux SSH – What Happens When Password Expires with Key Authentication?
linuxpamSecurityssh
Related Question
- Ssh – allow only specific users to login via sshd, but refuse connect to non-listed users
- Ssh – Expired password and SSH key based login with UsePAM yes
- Linux – SSH Logins failing for all users, even when using correct password
- How to allow crontab use for local accounts that don’t allow interactive logins
Best Answer
Under default behavior, you will still be able to log in using your ssh key, but the system administrator is free to change this behavior using
pamor other methods. OpenSSH doesn't care about the expiration date on your password if it's not using password authentication, butpamcan be set up to check password expiration even aftersshdhas authenticated your key. It could probably even be set up to force you to enter and change your expired password before handing you the shell prompt. For the best answer, ask your sysadmin.EDIT: For more details on the interaction between SSH and PAM, see this answer.