I am running Debian server as an SFTP data storage for multiple users. I didn't allow users to login via ssh. Is there any way to users to change their password? Mostly they are using WinSCP client.
I have tried to expire their passwords but WinSCP didn't prompt them to change it.
Any ideas?
11 Answer
Well… SFTP is file transfer protocol and does not support any user management (password change) so in short, it is not possible in SFTP.
Only possibility is to allow SSH access only in order to change the password (eg. use ForceCommand with proxy selecting between sftp-server and passwd command), such as:
#!/bin/sh
# Script: /usr/local/bin/wrapper.sh
case "$SSH_ORIGINAL_COMMAND" in "/path/to/sftp-server") /path/to/sftp-server ;; "passwd") passwd ;; *) echo "Sorry. Only passwd to change password or sftp is allowed" exit 1 ;;
esac
