search for: ssh2_msg_userauth_passwd_changereq

...rd expiry situation. Looking at RFC4252 <https://www.ietf.org/rfc/rfc4252.txt> (which is supported by SSHJ) I don't see any SSH_MSG_USERAUTH_PASSWD_CHANGEREQ [60] messages getting passed from OpenSSH. SSHJ expects these to allow prompting for new password. The only references to SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ in the OpenSSH Portable code are in "sshconnect2.c" - which I believe is client-side. So is RFC4252 supported for sshd (server-side) ? I have compiled OpenSSH Portable <https://github.com/openssh/openssh-portable> (v 7.8) on Centos 7 (using PAM) and got into debug mode...

...ted using fatal(). This doesn't need to be changed but it would be nice if it worked as per the draft. Similarly A client may also send a new password in the SSH2_MSG_USERAUTH_REQUEST, OpenSSH's sshd current ignores this and log's not supported. Currently an OpenSSH client receiving SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ from a server will die because that packet is not expected. I have a partial solution for the client side support of recieving a SSH_MSG_USERAUTH_PASSWD_CHANGEREQ but it needs further testing and cleanup. ------- You are receiving this mail because: ------- You are the assignee for the bug, or...