Topic "Change password"

Author Message
kamwoj
[View user's profile]

Joined: 16 Jul 2012
Posts: 4
Location: Poland
Hi everyone,
I met problem with handling passwords in WinSCP.

During authentication via PuTTy, my server request users to change a password like below:
kamXXXX@XXXX's password:
You are required to change your password immediately (root enforced)
Last login: Mon Jul 16 10:09:52 2012 from XXXX.XXX.XX
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user kamXXX.
Changing password for kamXXX
(current) UNIX password:


I would like to change password if I connect to server via WinSCP. But WinSCP doesnt cooperate with my server Red Hat Enterprise Linux Server (release 5.8). I have found information that WinSCP can show password change prompt (http://winscp.net/eng/docs/ui_authenticate#password_change) but in my case WinSCP prompt only error: Connection has been unexpectedly closed. Server sent command exit status 1. Cannot initialize SFTP protocol. Is the host running a SFTP server?

I think server use correctly keyboard interactive feature because before this error WinSCP prompted Authentication Banner stored on server in /etc/issue file.


Where is the problem?

WinSCP version: 4.3.8 (build 1771)
Advertisements
prikryl
[View user's profile]
Site Admin
Joined: 10 Dec 2002
Posts: 18389
Location: Prague, Czech republic
Please attach a full log file showing the problem.

To generate log file, enable logging, log in to your server and do the operation and only the operation that causes the error. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you may email it to me. You will find my address (if you log in) in my forum profile. Please include link back to this topic in your email. Also note in this topic that you have emailed the log.
kamwoj
[View user's profile]

Joined: 16 Jul 2012
Posts: 4
Location: Poland
. 2012-07-16 14:03:18.737 --------------------------------------------------------------------------
. 2012-07-16 14:03:18.737 WinSCP Version 4.3.8 (Build 1771) (OS 5.1.2600 Dodatek Service Pack 3)
. 2012-07-16 14:03:18.737 Configuration: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\
. 2012-07-16 14:03:18.737 Local account: XXX\XXX
. 2012-07-16 14:03:18.737 Login time: 16 lipiec 2012 14:03:18
. 2012-07-16 14:03:18.737 --------------------------------------------------------------------------
. 2012-07-16 14:03:18.737 Session name: XXX(Modified stored session)
. 2012-07-16 14:03:18.737 Host name: XXX (Port: 22)
. 2012-07-16 14:03:18.737 User name: (Password: No, Key file: No)
. 2012-07-16 14:03:18.737 Tunnel: No
. 2012-07-16 14:03:18.737 Transfer Protocol: SFTP (SCP)
. 2012-07-16 14:03:18.737 Ping type: -, Ping interval: 30 sec; Timeout: 15 sec
. 2012-07-16 14:03:18.737 Proxy: none
. 2012-07-16 14:03:18.737 SSH protocol version: 2; Compression: No
. 2012-07-16 14:03:18.737 Bypass authentication: No
. 2012-07-16 14:03:18.737 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: No
. 2012-07-16 14:03:18.737 Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2012-07-16 14:03:18.737 SSH Bugs: -,-,-,-,-,-,-,-,-
. 2012-07-16 14:03:18.737 SFTP Bugs: -,-
. 2012-07-16 14:03:18.737 Return code variable: Autodetect; Lookup user groups: Yes
. 2012-07-16 14:03:18.737 Shell: default
. 2012-07-16 14:03:18.737 EOL: 0, UTF: 2
. 2012-07-16 14:03:18.737 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. 2012-07-16 14:03:18.737 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2012-07-16 14:03:18.737 Local directory: default, Remote directory: home, Update: No, Cache: Yes
. 2012-07-16 14:03:18.737 Cache directory changes: Yes, Permanent: Yes
. 2012-07-16 14:03:18.737 DST mode: 1
. 2012-07-16 14:03:18.737 --------------------------------------------------------------------------
. 2012-07-16 14:03:18.972 Looking up host "XXXX"
. 2012-07-16 14:03:19.081 Connecting to XXXX port 22
. 2012-07-16 14:03:19.112 Server version: SSH-2.0-OpenSSH_4.3
. 2012-07-16 14:03:19.112 Using SSH protocol version 2
. 2012-07-16 14:03:19.112 We claim version: SSH-2.0-WinSCP_release_4.3.8
. 2012-07-16 14:03:19.112 Doing Diffie-Hellman group exchange
. 2012-07-16 14:03:19.112 Doing Diffie-Hellman key exchange with hash SHA-1
. 2012-07-16 14:03:19.503 Host key fingerprint is:
. 2012-07-16 14:03:19.503 ssh-rsa 2048 c4:a8:95:b6:4a:1a:b5:be:af:05:40:e0:b6:d2:64:7f
. 2012-07-16 14:03:19.503 Initialised AES-256 SDCTR client->server encryption
. 2012-07-16 14:03:19.503 Initialised HMAC-SHA1 client->server MAC algorithm
. 2012-07-16 14:03:19.503 Initialised AES-256 SDCTR server->client encryption
. 2012-07-16 14:03:19.503 Initialised HMAC-SHA1 server->client MAC algorithm
. 2012-07-16 14:03:19.565 Prompt (2, SSH login name, , login as: )
. 2012-07-16 14:03:39.722 Prompt (7, SSH password, , &Password: )
. 2012-07-16 14:03:44.816 Sent password
. 2012-07-16 14:03:44.831 Access granted
. 2012-07-16 14:03:44.956 Opened channel for session
. 2012-07-16 14:03:44.956 Started a shell/command
. 2012-07-16 14:03:44.956 --------------------------------------------------------------------------
. 2012-07-16 14:03:44.956 Using SFTP protocol.
. 2012-07-16 14:03:44.956 Doing startup conversation with host.
> 2012-07-16 14:03:44.987 Type: SSH_FXP_INIT, Size: 5, Number: -1
. 2012-07-16 14:03:44.987 Server sent command exit status 1
. 2012-07-16 14:03:44.987 Disconnected: All channels closed
* 2012-07-16 14:03:45.034 (ESshFatal) Connection has been unexpectedly closed. Server sent command exit status 1.
* 2012-07-16 14:03:45.034 Cannot initialize SFTP protocol. Is the host running a SFTP server?
prikryl
[View user's profile]
Site Admin
Joined: 10 Dec 2002
Posts: 18389
Location: Prague, Czech republic
I do not see any "keyboard interactive" prompt in the log. Can you please post a log file from PuTTY too?
kamwoj
[View user's profile]

Joined: 16 Jul 2012
Posts: 4
Location: Poland
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2012.07.16 15:04:23 =~=~=~=~=~=~=~=~=~=~=~=
login as: kamXXXX

WARNING! This system is restricted to authorized users for authorized use only. Unauthorized access is strictly prohibited and may be punishable under applicable laws. If you not authorized to access this system, disconnect now. By continuing, you consent to your keystrokes and data content being monitored. All persons are hereby notified that the use of this system constitutes to monitoring and auditing.

kamXXXX@XXX's password:
You are required to change your password immediately (root enforced)
Last login: Mon Jul 16 15:03:21 2012 from XXX.XXX.XX

WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user kamXXXX.
Changing password for kamXXXX
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
prikryl
[View user's profile]
Site Admin
Joined: 10 Dec 2002
Posts: 18389
Location: Prague, Czech republic
I've meant event log. Right click the PuTTY window title bar and select Event Log.
kamwoj
[View user's profile]

Joined: 16 Jul 2012
Posts: 4
Location: Poland
2012-07-16 15:23:26 Looking up host "XXXXXXXX"
2012-07-16 15:23:26 Connecting to XXXXXXXX port 22
2012-07-16 15:23:26 Server version: SSH-2.0-OpenSSH_4.3
2012-07-16 15:23:26 Using SSH protocol version 2
2012-07-16 15:23:26 We claim version: SSH-2.0-PuTTY_Release_0.62
2012-07-16 15:23:26 Doing Diffie-Hellman group exchange
2012-07-16 15:23:26 Doing Diffie-Hellman key exchange with hash SHA-1
2012-07-16 15:23:26 Host key fingerprint is:
2012-07-16 15:23:26 ssh-rsa 2048 c4:a8:95:b6:4a:1a:b5:be:af:05:40:e0:b6:d2:64:7f
2012-07-16 15:23:26 Initialised AES-256 SDCTR client->server encryption
2012-07-16 15:23:26 Initialised HMAC-SHA1 client->server MAC algorithm
2012-07-16 15:23:26 Initialised AES-256 SDCTR server->client encryption
2012-07-16 15:23:26 Initialised HMAC-SHA1 server->client MAC algorithm
2012-07-16 15:23:32 Using SSPI from SECUR32.DLL
2012-07-16 15:23:32 Attempting GSSAPI authentication
2012-07-16 15:23:32 GSSAPI authentication request refused
2012-07-16 15:23:41 Sent password
2012-07-16 15:23:41 Access granted
2012-07-16 15:23:41 Opened channel for session
2012-07-16 15:23:41 Allocated pty (ospeed 38400bps, ispeed 38400bps)
2012-07-16 15:23:41 Started a shell/command
prikryl
[View user's profile]
Site Admin
Joined: 10 Dec 2002
Posts: 18389
Location: Prague, Czech republic
OK, so there's indeed no "keyboard interactive" prompt. What you are seeing in PuTTY is terminal prompt that the server presens in interactive sessions only. What is not a case of WinSCP. You may weat to check your SSH server config, if you can enable the keyboard interactive prompts for presenting password change requests.
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License