Network Security: Detailed info on Expired password unchangeable with SFTP clients

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

Expired password unchangeable with SFTP clients

from [Russell Millard Oliver] Network Security

[Permanent Link]

Subject:	Expired password unchangeable with SFTP clients
Date:	Thu, 31 Jan 2008 08:00:43 -0700

I am running Solaris 9, OpenSSH 4.7p1
I am trying to configure SFTP-only users that will not have shell
access.  As referenced in various places, I simply create a user whose
shell is /usr/local/libexec/sftp-server.
 
This works great for our use and I was just about to take it from
development to production when I started building accounts and expiring
the password.  When I try to log on with various different SFTP clients
(putty's sftp client, ssh.com's free client, WinSCP, and even WS_FTP
Pro), if the password is expired, I get authentication failure.  Using
Sun's SSH server, this works fine, but we're moving to OpenSSH.
 
Is there a configuration I don't know about that would allow me to be
able to change an expired password?  Any other suggestions?
 
Thanks,
Russ Oliver
Systems Programmer
Information Technology
University of Wyoming

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Expired password unchangeable with SFTP clients, Russell Millard Oliver <= Re: Expired password unchangeable with SFTP clients, Bob Rasmussen

Previous by Date:	Re: Rookie needs help: Two shell sessions in one, Joe Beasley
Next by Date:	Re: Expired password unchangeable with SFTP clients, Bob Rasmussen
Previous by Thread:	Could not load host key: /usr/local/etc/ssh_host_key, Matias Franceschini
Next by Thread:	Re: Expired password unchangeable with SFTP clients, Bob Rasmussen
Indexes:	[Date] [Thread] [Top] [All Lists]