I am running Solaris 9, OpenSSH 4.7p1 I am trying to configure SFTP-only users that will not have shell access. As referenced in various places, I simply create a user whose shell is /usr/local/libexec/sftp-server. This works great for our use and I was just about to take it from development to production when I started building accounts and expiring the password. When I try to log on with various different SFTP clients (putty's sftp client, ssh.com's free client, WinSCP, and even WS_FTP Pro), if the password is expired, I get authentication failure. Using Sun's SSH server, this works fine, but we're moving to OpenSSH. Is there a configuration I don't know about that would allow me to be able to change an expired password? Any other suggestions? Thanks, Russ Oliver Systems Programmer Information Technology University of Wyoming
