on one of the boxes I don't control at work I use ssh
keys to log in. Our passwords are set to expire after a few months. What happens if I don't reset my password and it expires? will I still be able to login? Does what happens depend on some sshd
setting? or some pam setting?
Linux SSH – What Happens When Password Expires with Key Authentication?
linuxpamSecurityssh
Related Question
- Ssh – allow only specific users to login via sshd, but refuse connect to non-listed users
- Ssh – Expired password and SSH key based login with UsePAM yes
- Linux – SSH Logins failing for all users, even when using correct password
- How to allow crontab use for local accounts that don’t allow interactive logins
Best Answer
Under default behavior, you will still be able to log in using your ssh key, but the system administrator is free to change this behavior using
pam
or other methods. OpenSSH doesn't care about the expiration date on your password if it's not using password authentication, butpam
can be set up to check password expiration even aftersshd
has authenticated your key. It could probably even be set up to force you to enter and change your expired password before handing you the shell prompt. For the best answer, ask your sysadmin.EDIT: For more details on the interaction between SSH and PAM, see this answer.