Warning: Use of undefined constant HTTP_USER_AGENT - assumed 'HTTP_USER_AGENT' (this will throw an Error in a future version of PHP) in /var/www/html/linuxbyimraan.co.za/wp-content/themes/voice-blog/header.php on line 1
Being prompted for password after not setting one (RHEL/Amazon Linux) – LinuxByImraan

Being prompted for password after not setting one (RHEL/Amazon Linux)

So when connecting to an instance, I was prompted for a password even though I never set which was weird. The error I was getting was the following:

When logging in as ec2-user:

you are required to change your password immediately (password aged)
Last login: Sat Aug 11 00:16:08 2018 from
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user ec2-user.
Changing password for ec2-user.
(current) UNIX password:

When logging in as root:

Authenticating with public key “Imported-Openssh-Key: C:\MobaXterm_Portable_v10.9\hlsmtc.pem”
Server refused public-key signature despite accepting key!
root@’s password:

To resolve the issue, I unmounted the volumes and mounted them to a recovery instance then did the following:

$chroot /mnt   <—- my temp mount point

$chage -l ec2-user    <—- command to check password settings

chage -l ec2-user
Last password change : Oct 11, 2017
Password expires : Jan 09, 2018
Password inactive : never
Account expires : never
Minimum number of days between password change : 7
Maximum number of days between password change : 90
Number of days of warning before password expires : 7

Looking at the line above “Maximum number of days between password change : 90” we see that its set to 90 days and as the AMI was created last year, this would cause an issue. So I needed to change this, which I did in the /etc/login.defs file.

# Password aging controls:
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_MIN_LEN Minimum acceptable password length.
# PASS_WARN_AGE Number of days warning given before a password expires.

As you can see, PASS_MAX_DAYS is set to 90. I changed this to the following:


After making the above change and re-attching the volume to my instance, I could ssh without being prompted for a password.


No token or token has expired.

Leave a Reply

Your email address will not be published. Required fields are marked *