SSH / Password change request support

Advertisement

Guest

SSH / Password change request support

I would like to see password change request support added to WinSCP. A SSH server may send
SSH_MSG_USERAUTH_PASSWD_CHANGEREQ packet to the client if a password change is required. The client may then try a different authentication method or request a new password from the user and retry password authentication. After the password change, server signals whether the password change was successfull. Also, WinSCP should be able to view the kbd-int messages sent by the server during the password change.

On the GUI side, a separate password change dialog would probably be the best option. It could contain two text fields (fields named new password, new password again or similar) and OK button. WinSCP can test whether the fields are equal and then send the new password. After sending, WinSCP should show the kbd-int message from the server which explains why the password could not be changed (too weak password, ...) or a message about success.

More info about the SSH_MSG_USERAUTH_PASSWD_CHANGEREQ can be found from https://tools.ietf.org/html/draft-ietf-secsh-userauth-27 (pages 10 - 11).

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
28,507
Location:
Prague, Czechia

Re: SSH / Password change request support

This is already of PuTTY's todo list (WinSCP uses SSH implementation from PuTTY project).
_________________
Martin Prikryl

Reply with quote

Advertisement

You can post new topics in this forum