Question

How can I stop my droplet from asking to change my password?

Posted September 4, 2014 15.9k views

Just created a new droplet (Debian 7/x64) and logged in via SSH. After login, before dropping to a shell, sshd asks to change my password, which I did, successfully. But after logging out and logging in again, it keeps doing so. Any clue on how to disable this? I’ve tried looking at /etc/ssh/sshd_config, /etc/login.defs, /etc/pam.d, and using usermod + chage, all to no avail.

Add a comment
wettshirt
By:
wettshirt
Add a comment
2 comments
  • info724961 September 4, 2014
    Reply Report

    It would be better anyway if you disable the password auth and instead use ssh key auth

  • wettshirt September 4, 2014
    Reply Report

    I did and I can already login. But instead of the shell prompt, I always get the change password prompt.

    If I do “ssh root@ip somecommand” I’m getting the warning:

    WARNING: Your password has expired
Password change required but no TTY available.

    But I’m not seeing my password as expired. Here’s the redacted /etc/shadow entry:

    root:$6$...:16317:0::14:::

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
3 answers
wettshirt September 4, 2014

Ah, my bad. Turns out it is still showing password as expired because of ssh connection sharing (-S). If I turn off connection sharing (or use a new connection), the problem goes away:

# ssh -S none root@IPADDRESS
...
root@host:~#
Reply Report
asb September 4, 2014

To view information about password expiration you can run:

chage -l root

Running it without the -l flag will allow you to change the expiration date.

Reply Report
  • wettshirt September 4, 2014

    I already tried it and, in accordance to the /etc/shadow entry, chage doesn’t show the root account’s password as being expired:

    # chage -l root
Last password change                                    : Sep 04, 2014
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : -1
Number of days of warning before password expires       : 14
    Reply Report
jm2242 August 29, 2016

I had this problem when I tried to remove ssh authentication and instead use username/password while using mup (Meteor deployment utility). When I ssh'ed into the server, it asked me to change the password, and then things were good from that point on.

Reply Report
Submit an Answer

Looking for something else?

Ask a new question Search for more help