Change password

Advertisement

kamwoj
Joined:
Posts:
4
Location:
Poland

Change password

Hi everyone,
I met problem with handling passwords in WinSCP.

During authentication via PuTTy, my server request users to change a password like below:
kamXXXX@XXXX's password:
You are required to change your password immediately (root enforced)
Last login: Mon Jul 16 10:09:52 2012 from XXXX.XXX.XX
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user kamXXX.
Changing password for kamXXX
(current) UNIX password:


I would like to change password if I connect to server via WinSCP. But WinSCP doesn't cooperate with my server Red Hat Enterprise Linux Server (release 5.8). I have found information that WinSCP can show password change prompt (https://winscp.net/eng/docs/ui_authenticate#password_change) but in my case WinSCP prompt only error: Connection has been unexpectedly closed. Server sent command exit status 1. Cannot initialize SFTP protocol. Is the host running a SFTP server?

I think server use correctly keyboard interactive feature because before this error WinSCP prompted Authentication Banner stored on server in /etc/issue file.


Where is the problem?

WinSCP version: 4.3.8 (build 1771)

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,518
Location:
Prague, Czechia

Re: Change password

Please attach a full log file showing the problem.

To generate log file, enable logging, log in to your server and do the operation and only the operation that causes the error. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you may email it to me. You will find my address (if you log in) in my forum profile. Please include link back to this topic in your email. Also note in this topic that you have emailed the log.

Reply with quote

kamwoj
Joined:
Posts:
4
Location:
Poland

. 2012-07-16 14:03:18.737 --------------------------------------------------------------------------
. 2012-07-16 14:03:18.737 WinSCP Version 4.3.8 (Build 1771) (OS 5.1.2600 Dodatek Service Pack 3)
. 2012-07-16 14:03:18.737 Configuration: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\
. 2012-07-16 14:03:18.737 Local account: XXX\XXX
. 2012-07-16 14:03:18.737 Login time: 16 lipiec 2012 14:03:18
. 2012-07-16 14:03:18.737 --------------------------------------------------------------------------
. 2012-07-16 14:03:18.737 Session name: XXX(Modified stored session)
. 2012-07-16 14:03:18.737 Host name: XXX (Port: 22)
. 2012-07-16 14:03:18.737 User name: (Password: No, Key file: No)
. 2012-07-16 14:03:18.737 Tunnel: No
. 2012-07-16 14:03:18.737 Transfer Protocol: SFTP (SCP)
. 2012-07-16 14:03:18.737 Ping type: -, Ping interval: 30 sec; Timeout: 15 sec
. 2012-07-16 14:03:18.737 Proxy: none
. 2012-07-16 14:03:18.737 SSH protocol version: 2; Compression: No
. 2012-07-16 14:03:18.737 Bypass authentication: No
. 2012-07-16 14:03:18.737 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: No
. 2012-07-16 14:03:18.737 Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2012-07-16 14:03:18.737 SSH Bugs: -,-,-,-,-,-,-,-,-
. 2012-07-16 14:03:18.737 SFTP Bugs: -,-
. 2012-07-16 14:03:18.737 Return code variable: Autodetect; Lookup user groups: Yes
. 2012-07-16 14:03:18.737 Shell: default
. 2012-07-16 14:03:18.737 EOL: 0, UTF: 2
. 2012-07-16 14:03:18.737 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. 2012-07-16 14:03:18.737 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2012-07-16 14:03:18.737 Local directory: default, Remote directory: home, Update: No, Cache: Yes
. 2012-07-16 14:03:18.737 Cache directory changes: Yes, Permanent: Yes
. 2012-07-16 14:03:18.737 DST mode: 1
. 2012-07-16 14:03:18.737 --------------------------------------------------------------------------
. 2012-07-16 14:03:18.972 Looking up host "XXXX"
. 2012-07-16 14:03:19.081 Connecting to XXXX port 22
. 2012-07-16 14:03:19.112 Server version: SSH-2.0-OpenSSH_4.3
. 2012-07-16 14:03:19.112 Using SSH protocol version 2
. 2012-07-16 14:03:19.112 We claim version: SSH-2.0-WinSCP_release_4.3.8
. 2012-07-16 14:03:19.112 Doing Diffie-Hellman group exchange
. 2012-07-16 14:03:19.112 Doing Diffie-Hellman key exchange with hash SHA-1
. 2012-07-16 14:03:19.503 Host key fingerprint is:
. 2012-07-16 14:03:19.503 ssh-rsa 2048 c4:a8:95:b6:4a:1a:b5:be:af:05:40:e0:b6:d2:64:7f
. 2012-07-16 14:03:19.503 Initialised AES-256 SDCTR client->server encryption
. 2012-07-16 14:03:19.503 Initialised HMAC-SHA1 client->server MAC algorithm
. 2012-07-16 14:03:19.503 Initialised AES-256 SDCTR server->client encryption
. 2012-07-16 14:03:19.503 Initialised HMAC-SHA1 server->client MAC algorithm
. 2012-07-16 14:03:19.565 Prompt (2, SSH login name, , login as: )
. 2012-07-16 14:03:39.722 Prompt (7, SSH password, , &Password: )
. 2012-07-16 14:03:44.816 Sent password
. 2012-07-16 14:03:44.831 Access granted
. 2012-07-16 14:03:44.956 Opened channel for session
. 2012-07-16 14:03:44.956 Started a shell/command
. 2012-07-16 14:03:44.956 --------------------------------------------------------------------------
. 2012-07-16 14:03:44.956 Using SFTP protocol.
. 2012-07-16 14:03:44.956 Doing startup conversation with host.
> 2012-07-16 14:03:44.987 Type: SSH_FXP_INIT, Size: 5, Number: -1
. 2012-07-16 14:03:44.987 Server sent command exit status 1
. 2012-07-16 14:03:44.987 Disconnected: All channels closed
* 2012-07-16 14:03:45.034 (ESshFatal) Connection has been unexpectedly closed. Server sent command exit status 1.
* 2012-07-16 14:03:45.034 Cannot initialize SFTP protocol. Is the host running a SFTP server?

Reply with quote

kamwoj
Joined:
Posts:
4
Location:
Poland

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2012.07.16 15:04:23 =~=~=~=~=~=~=~=~=~=~=~=
login as: kamXXXX

WARNING! This system is restricted to authorized users for authorized use only. Unauthorized access is strictly prohibited and may be punishable under applicable laws. If you not authorized to access this system, disconnect now. By continuing, you consent to your keystrokes and data content being monitored. All persons are hereby notified that the use of this system constitutes to monitoring and auditing.

kamXXXX@XXX's password:
You are required to change your password immediately (root enforced)
Last login: Mon Jul 16 15:03:21 2012 from XXX.XXX.XX

WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user kamXXXX.
Changing password for kamXXXX
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

Reply with quote

Advertisement

kamwoj
Joined:
Posts:
4
Location:
Poland

2012-07-16 15:23:26 Looking up host "XXXXXXXX"
2012-07-16 15:23:26 Connecting to XXXXXXXX port 22
2012-07-16 15:23:26 Server version: SSH-2.0-OpenSSH_4.3
2012-07-16 15:23:26 Using SSH protocol version 2
2012-07-16 15:23:26 We claim version: SSH-2.0-PuTTY_Release_0.62
2012-07-16 15:23:26 Doing Diffie-Hellman group exchange
2012-07-16 15:23:26 Doing Diffie-Hellman key exchange with hash SHA-1
2012-07-16 15:23:26 Host key fingerprint is:
2012-07-16 15:23:26 ssh-rsa 2048 c4:a8:95:b6:4a:1a:b5:be:af:05:40:e0:b6:d2:64:7f
2012-07-16 15:23:26 Initialised AES-256 SDCTR client->server encryption
2012-07-16 15:23:26 Initialised HMAC-SHA1 client->server MAC algorithm
2012-07-16 15:23:26 Initialised AES-256 SDCTR server->client encryption
2012-07-16 15:23:26 Initialised HMAC-SHA1 server->client MAC algorithm
2012-07-16 15:23:32 Using SSPI from SECUR32.DLL
2012-07-16 15:23:32 Attempting GSSAPI authentication
2012-07-16 15:23:32 GSSAPI authentication request refused
2012-07-16 15:23:41 Sent password
2012-07-16 15:23:41 Access granted
2012-07-16 15:23:41 Opened channel for session
2012-07-16 15:23:41 Allocated pty (ospeed 38400bps, ispeed 38400bps)
2012-07-16 15:23:41 Started a shell/command

Reply with quote

martin
Site Admin
martin avatar

OK, so there's indeed no "keyboard interactive" prompt. What you are seeing in PuTTY is terminal prompt that the server presens in interactive sessions only. What is not a case of WinSCP. You may weat to check your SSH server config, if you can enable the keyboard interactive prompts for presenting password change requests.

Reply with quote

Advertisement

You can post new topics in this forum