[Bug 3576] New: The sftp-server does not provide the feature of changing expired passwords, which is provided by the sshd.

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat May 27 13:21:13 AEST 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3576

            Bug ID: 3576
           Summary: The sftp-server does not provide the feature of
                    changing expired passwords, which is provided by the
                    sshd.
           Product: Portable OpenSSH
           Version: -current
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: security
          Priority: P5
         Component: sftp-server
          Assignee: unassigned-bugs at mindrot.org
          Reporter: rmsh1216 at 163.com

Hi!
When I try to ssh into an account with an expired password, I'm
reminded and can change the password, as shown below,
```
# ssh user at ipaddress

Authorized users only. All activities may be monitored and reported.
user at ipaddress's password:
You are required to change your password immediately (administrator
enforced).

Authorized users only. All activities may be monitored and reported.
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user user.
Changing password for user.
Current password:
```

But when I log in using sftp, I'm not prompted to change the password,
but just disconnect.
```
# sftp user at ipaddress

Authorized users only. All activities may be monitored and reported.
user at ipaddress's password:
You are required to change your password immediately (administrator
enforced).
subsystem request failed on channel 0
Connection closed
```
I have some doubts about this, if sftp-server is designed like this,
please let me know the reason.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list