Start a new topic

change Password via FTP Client

DirkM @ Wed Aug 27 09:47:56 EEST 2014
Hello together,

i have a question about changing user passwords. My case is that the user password has expired. The user logs in via a ftp client and only sees the expired.html file. Open and read gives them the hint to log off now and relogin with a new password.

I have tried this several ways. All with the same result that the password won't be changed. I only get the expired.html file shown.

Only the site pass command gets me out of this.

What’s going wrong with the described solution in the expired.html file. Has anyone a clue?

Greetings
Dirk

spinkb @ Thu Aug 28 18:36:30 EEST 2014
When you login and use a different password....does it deny your login? Or do you get logged in?

It should save your password, and give you back your normal Virtual File System (VFS).

Thanks,
Ben
DirkM @ Fri Aug 29 02:03:03 EEST 2014
Hello Ben,

Folowing Steps:

1.) Password is expired, User logs in and gets the expired.html view
2.) Logoff
3.) Login with different Password, got the same expired.html view
4.) Logoff
5.) Login with different Password, got the same expired.html view and so on....

Diffferent way:

1.) Password is expired, User logs in and gets the expired.html view
2.) Don't Logoff and open a second session with different password, got the same expired.html view
3.) Logoff both sessions
4.) Login with different Password, got the same expired.html view

If the password is expired i can login with any password i want. I allways get the expired.html view.

Greetings
Dirk
Solyom84 @ Fri Aug 29 07:20:54 EEST 2014
Hi, DirkM.

On what exact CrushFTP version and build are you on, and what FTP client have you used?
I just tried from OSX terminal and Windows CMD doing the exact thing and it works as it supposed to.
So I got the user password expired then logged in from command line and entered the expired password and it gave me the Expired.html and after that I Quit and relogon again using another password and that password is used as the new password and I can log in and see all the files normally.

I tested on CrushFTP 7.1.0_106.

Let us know.

Thanks,
Arpad.
DirkM @ Fri Aug 29 08:23:44 EEST 2014
Hello,

my Version is

CrushFTP Version 7.1.0_95 from CrushFTP, LLC

Last Server Restart : Tue Aug 26 16:06:13 CEST 2014
CrushFTP is up to date (Version 7.1.0_95)



Here is what i reproduce with your guideline:

:arrow: First login all works fine



[2014-08-29 15:12.17] ~
[malzahn.nexus] ? ftp 192.168.250.75
Connected to 192.168.250.75.
220-Welcome Back to Medion FTP Services
220 CrushFTP Server Ready!
Name (192.168.250.75:malzahn): dirkm
331 Username OK. Need password.
Password:
230 Password OK. Connected. logged in
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
200 PORT command successful. 62.134.198.158:61450.
150 Opening data connection for file list.
drwxr-xr-x 2 root root 3 Aug 27 09:37 Firma B
drwxr-xr-x 2 root root 4 Aug 27 09:37 Firma A
-rw-r--r-- 1 root root 0 Aug 27 09:37 1
226 Directory transfer complete. (generate:3ms)(send:4ms)
ftp> exit
?Invalid command
ftp> quit
221 Goodbye.
?
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

:arrow: Now i will expire the password in the admin console.


[2014-08-29 15:12.34] ~
[malzahn.nexus] ? ftp 192.168.250.75
Connected to 192.168.250.75.
220-Welcome Back to Medion FTP Services
220 CrushFTP Server Ready!
Name (192.168.250.75:malzahn): dirkm
331 Username OK. Need password.
Password:
230 Password OK. Connected. logged in
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
200 PORT command successful. 62.134.198.158:61457.
150 Opening data connection for file list.
-rwxrwxrwx 1 user group 710 Jan 02 15:21 expired.html
226 Directory transfer complete. (generate:4ms)(send:4ms)
ftp> quit
221 Goodbye.

:arrow: Login again with different password:

?
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
[2014-08-29 15:12.58] ~
[malzahn.nexus] ? ftp 192.168.250.75
Connected to 192.168.250.75.
220-Welcome Back to Medion FTP Services
220 CrushFTP Server Ready!
Name (192.168.250.75:malzahn): dirkm
331 Username OK. Need password.
Password:
230 Password OK. Connected. logged in
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
200 PORT command successful. 62.134.198.158:61463.
150 Opening data connection for file list.
-rwxrwxrwx 1 user group 710 Jan 02 15:21 expired.html
226 Directory transfer complete. (generate:4ms)(send:5ms)
ftp> exit
?Invalid command
ftp> quit
221 Goodbye.


:arrow: Login with the password from the prev try.
?
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
[2014-08-29 15:13.13] ~
[malzahn.nexus] ? ftp 192.168.250.75
Connected to 192.168.250.75.
220-Welcome Back to Medion FTP Services
220 CrushFTP Server Ready!
Name (192.168.250.75:malzahn): dirkm
331 Username OK. Need password.
Password:
230 Password OK. Connected. logged in
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
200 PORT command successful. 62.134.198.158:61479.
150 Opening data connection for file list.
-rwxrwxrwx 1 user group 710 Jan 02 15:21 expired.html
226 Directory transfer complete. (generate:4ms)(send:5ms)
ftp>


From now on i can use any password to login i always get the expire.html file......

Strange for me.....
spinkb @ Fri Aug 29 08:28:26 EEST 2014
Set your debug level for logging to level 1.

What is CrushFTP logging for the attempt at logging in with a new password?

Thanks,
Ben
DirkM @ Fri Aug 29 08:36:55 EEST 2014
29.08.2014 03:34:38 PM|Cleaning up sessions:0 sessions tracked, 1 activity items tracked, 3 sessions tracked, 0 activities expired, 0 sessions expired in first pass, and 0 expired in second pass.
29.08.2014 03:34:42 PM|[FTP:lookup:21][11324] Accepting connection from: xx.xx.xx.xx:62116
29.08.2014 03:34:45 PM|[FTP:11324::] READ : *USER dirkm*
29.08.2014 03:34:45 PM|[FTP:11324:dirkm:] WROTE: *331 Username OK. Need password.*
29.08.2014 03:34:47 PM|UserBackupPurge:Looking for old user folders to delete from here:./backup/
29.08.2014 03:34:47 PM|UserBackupPurge:Folder has 94 items.
29.08.2014 03:34:47 PM|[FTP:11324:dirkm:] WROTE: *230 Password OK. Connected. logged in*
29.08.2014 03:34:47 PM|[FTP:11324:dirkm:] READ : *SYST *
29.08.2014 03:34:47 PM|[FTP:11324:dirkm:] WROTE: *215 UNIX Type: L8*

spinkb @ Fri Aug 29 08:38:48 EEST 2014
This indicates it did write a user.xml file...

Can you compare the user.xml file for your user and see if it is in fact changing?

It seems like it is...so maybe this is a caching type issue.

Are you using a DB backend for your users? That might be an issue...

Let me know,
Ben
DirkM @ Fri Aug 29 08:46:06 EEST 2014
The user.xml is changing:

medFTP-crush:/var/opt/CrushFTP7_PC/users/MainUsers/dirkm# more user.XML


/
6
08/29/2014 03:34:47 PM,08/29/2014 03:31:37 PM
30
true
dirkm
1.0
dirkm
./users/MainUsers/dirkm/
true
SHA512:39818fb2d074d0f356392539d68b67afbc4e3768e78b6375936b63555c6928452dcc96e50aeefbf01a56a01d958ad518d29aa9b5c46a6162363cf2438eab5066
0
08/29/2014 03:12:39 PM






medFTP-crush:/var/opt/CrushFTP7_PC/users/MainUsers/dirkm# more user.XML


true
1.0
SHA512:8dfc413a4fc326ccfc8d971771024449d302b3d4ead99cc63d4b35ea51d1874b4e6207ea6b9530cb2855d66e98c8fbe8aac83df4aa57318d8868163678c949a0
dirkm
30
08/29/2014 03:41:01 PM,08/29/2014 03:34:47 PM,08/29/2014 03:31:37 PM
0
08/29/2014 03:12:39 PM
./users/MainUsers/dirkm/
dirkm
true
6
/






medFTP-crush:/var/opt/CrushFTP7_PC/users/MainUsers/dirkm# more user.XML


/
6
08/29/2014 03:42:58 PM,08/29/2014 03:41:01 PM,08/29/2014 03:34:47 PM,08/29/2014 03:31:37 PM
30
true
dirkm
1.0
dirkm
./users/MainUsers/dirkm/
true
SHA512:8dfc413a4fc326ccfc8d971771024449d302b3d4ead99cc63d4b35ea51d1874b4e6207ea6b9530cb2855d66e98c8fbe8aac83df4aa57318d8868163678c949a0
0
08/29/2014 03:12:39 PM




3 user.xml after recorded after each login....

With the db i use crushftp at the moment with the default config. So i don't created a db by myself.
spinkb @ Fri Aug 29 09:02:37 EEST 2014
Please try latest build now. It has some additional logging. Send me what is logged with the new password when you try and login.

7.1.0_108

Thanks,
Ben
DirkM @ Fri Aug 29 09:06:05 EEST 2014
With the extended new logging

29.08.2014 04:04:06 PM|[FTP:lookup:21][11369] Accepting connection from: xx.xx.xx.xx:63499
29.08.2014 04:04:08 PM|[FTP:11369::xx.xx.xx.xx] READ : *USER dirkm*
29.08.2014 04:04:08 PM|UserBackupPurge:Looking for old user folders to delete from here:./backup/
29.08.2014 04:04:08 PM|UserBackupPurge:Folder has 99 items.
29.08.2014 04:04:08 PM|[FTP:11369:dirkm:xx.xx.xx.xx] WROTE: *331 Username OK. Need password.*
29.08.2014 04:04:11 PM|dirkm logging in to change expired password...
29.08.2014 04:04:11 PM|UserBackupPurge:Looking for old user folders to delete from here:./backup/
29.08.2014 04:04:11 PM|UserBackupPurge:Folder has 100 items.
29.08.2014 04:04:11 PM|UserBackupPurge:Folder has 76 user items, max is 100.
29.08.2014 04:04:11 PM|[FTP:11369:dirkm:xx.xx.xx.xx] WROTE: *230 Password OK. Connected. logged in*
29.08.2014 04:04:11 PM|[FTP:11369:dirkm:xx.xx.xx.xx] READ : *SYST *
29.08.2014 04:04:11 PM|[FTP:11369:dirkm:xx.xx.xx.xx] WROTE: *215 UNIX Type: L8*
29.08.2014 04:04:14 PM|[FTP:11369:dirkm:xx.xx.xx.xx] READ : *PORT 62,134,198,158,248,17*
29.08.2014 04:04:14 PM|[FTP:11369:dirkm:xx.xx.xx.xx] WROTE: *200 PORT command successful. xx.xx.xx.xx:63505.*
29.08.2014 04:04:14 PM|[FTP:11369:dirkm:xx.xx.xx.xx] READ : *LIST *
29.08.2014 04:04:14 PM|[FTP:11369:dirkm:xx.xx.xx.xx] WROTE: *150 Opening data connection for file list.*
29.08.2014 04:04:14 PM|[FTP:11369:dirkm:xx.xx.xx.xx] WROTE: *226 Directory transfer complete. (generate:7ms)(send:8ms)*
29.08.2014 04:04:16 PM|[FTP:11369:dirkm:xx.xx.xx.xx] READ : *QUIT *
29.08.2014 04:04:16 PM|[FTP:11369:dirkm:xx.xx.xx.xx] WROTE: *221 Goodbye.*
29.08.2014 04:04:16 PM|[FTP:11369:dirkm:xx.xx.xx.xx] *Disconnected.*
spinkb @ Fri Aug 29 09:13:31 EEST 2014
You have configured a password history for your server, and the password your sat tempting is a password already in the history for this user.

Use a more unique password you have never used before.

Thanks,
Ben
DirkM @ Fri Aug 29 09:18:55 EEST 2014
Sorry Ben i tryed a password totally different from anyone i have ever typed in 3 times. each try a different. but always the same result. I received the expired.html file
spinkb @ Fri Aug 29 09:21:27 EEST 2014
Show me a new log using a password you have never entered before.

Thanks,
Ben
spinkb @ Fri Aug 29 09:22:35 EEST 2014
Update once more too, added another log entry to track what its doing.
Login to post a comment