2
I am running Debian server as an SFTP data storage for multiple users. I didn't allow users to login via ssh. Is there any way to users to change their password? Mostly they are using WinSCP client.
I have tried to expire their passwords but WinSCP didn't prompt them to change it.
Any ideas?
Tommy
Posted 2016-12-07T17:14:00.417
Reputation: 21
1
Well ... sftp is file transfer protocol and does not support any user management (password change) so in short, it is not possible in SFTP.
Only possibility is to allow ssh access only in order to change the password (eg. use ForceCommand with proxy selecting between sftp-server and passwd command), such as:
#!/bin/sh
# Script: /usr/local/bin/wrapper.sh
case "$SSH_ORIGINAL_COMMAND" in
"/path/to/sftp-server")
/path/to/sftp-server
;;
"passwd")
passwd
;;
*)
echo "Sorry. Only these commands are available to you:"
echo "ps, vmstat, cupsys stop, cupsys start"
exit 1
;;
esac
Jakuje
Posted 2016-12-07T17:14:00.417
Reputation: 7 981
How exactly did you deny the ability to change their passwords? Given the fact that SFTP is file transfer over SSH, there is a good chance, your users can actually connect to the server using an SSH client. I would need more information to submit a proper answer to this question. – Ramhound – 2016-12-07T17:43:18.263