Password expiration not writing to shadow
We have a strict password expiration policy given to us that we must enforce. When looking to confirm that WHM made the changes to password age in the security settings we noticed that the password age in the shadow file is unchanged. We thought this might be due to the user not having changed their password after the password age was set, so we tested this on our cpanel account and again the shadow file remained unchanged.
1. What file file is WHM writing to when changing the password age?
2. Does changing the password age also effect those who only ssh or must we make the change in the /etc/shadow file for that?
Thank you!
-
Michael, One other question: If we were to edit /etc/shadow to set the password age to 90 days so ssh and ftp users would also be restricted to password age policies. If then when the 90 days was reached and the ssh user was notified of password expiration, and then the user does a passwd and changes their password, will that change replicate to all locations it needs to be? I know it will change in /etc/shadow but will it also need to change in other locations for cpanel login to work properly? Sorry for all the questions! Trying to get this figured out since about half our users are ssh and sftp only users. Thanks! 0 -
Could you open a support ticket using the link in my signature so we can take a closer look? It's possible this feature is not functioning as expected if the /etc/shadow file is not updating as expected. You can post the ticket number here so we can update this thread with the outcome. Thank you. 0
Please sign in to leave a comment.
Comments
4 comments