passwd: Authentication token manipulation error using ssh and public key

ssh public-key public-key-encryption hpc

I'm using ssh and public key (saved in my local computer) to connect to a HPC cluster as follows:

$ ssh -i ~/narvi_key/xenial-narvi-key [email protected]
Enter passphrase for key '/home/xenial/narvi_key/xenial-narvi-key':

When I enter my current password, I get the following message about my expired password:

You are required to change your password immediately (password aged)
Last login: Sun Oct  3 23:24:33 2021 from 85-76-116-76-nat.elisa-mobile.fi
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user alijani.
Changing password for alijani.
(current) UNIX password:

So when I type my password to proceed to next stage, I encounter the error:

passwd: Authentication token manipulation error
Connection to narvi.tut.fi closed.

Questions:

  1. Is the (current) UNIX password the same as what I normally use to login using ssh?
  2. Do I need to generate new public key?
  3. How do I solve this problem?

Cheers,


Is the (current) UNIX password the same as what I normally use to login using ssh?

Generally sort of yes, but in your specific case – no.

From what you've shown, "what you normally use to log in using SSH" is actually your public key's passphrase – not the same thing.

Instead, the message talks about the password directly associated with the alijani account on that system, i.e. the one that you'd have to enter if you weren't using a public key.

Do I need to generate new public key?

No. The message has nothing to do with your public key.

How do I solve this problem?

If you originally got a password before setting up public-key (e.g. if it was emailed to you), then try entering it – that's the password you're being asked to change. It won't change you public key's passphrase.

However, I'd suggest talking to the system's administrators. For example, if they gave you only public-key access but didn't issue an actual password, then it could be that they didn't mean to leave password expiry enabled in the first place.

Without knowing how the system was set up internally (e.g. are the accounts central across the institution or are they individual for each server/node) it's not possible to give an answer that will be correct for everyone.

Related

Shortcut Shift + F2 for MS Access doesn't work
Monitor making weird noises and shutting off
How can I list which virtual ethernet pairs are running in the current linux host?
What is Dropbox Sync Technology name [closed]
Does port forwarding 9 for Wake On Lan expose my network to attackers?
Unix Command to grep a time range
How to autostart multiple commands within one?
How to add prefix or suffix to range of cells in Excel?
Scroll wheel rubber strip detachment
System.Drawing in Windows or ASP.NET services
How to include all objects of an archive in a shared object?
Launch android application from a browser link