Just created a new droplet (Debian 7/x64) and logged in via SSH. After login, before dropping to a shell, sshd asks to change my password, which I did, successfully. But after logging out and logging in again, it keeps doing so. Any clue on how to disable this? I’ve tried looking at /etc/ssh/sshd_config, /etc/login.defs, /etc/pam.d, and using usermod + chage, all to no avail.
Ah, my bad. Turns out it is still showing password as expired because of ssh connection sharing (-S). If I turn off connection sharing (or use a new connection), the problem goes away:
# ssh -S none root@IPADDRESS
…
root@host:~#
Thanks. This solved the same issue for me as well.
Why is this the reason, though. Could somebody explain?
Thanks in advance!
To view information about password expiration you can run:
chage -l root
Running it without the -l flag will allow you to change the expiration date.
I already tried it and, in accordance to the /etc/shadow entry, chage doesn’t show the root account’s password as being expired:
# chage -l root
Last password change : Sep 04, 2014
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : -1
Number of days of warning before password expires : 14
I had this problem when I tried to remove ssh authentication and instead use username/password while using mup (Meteor deployment utility). When I ssh'ed into the server, it asked me to change the password, and then things were good from that point on.
It would be better anyway if you disable the password auth and instead use ssh key auth
I did and I can already login. But instead of the shell prompt, I always get the change password prompt.
If I do “ssh root@ip somecommand” I’m getting the warning:
But I’m not seeing my password as expired. Here’s the redacted /etc/shadow entry: