authentication and debug messages.

To: ietf-ssh%netbsd.org@localhost
Subject: authentication and debug messages.
From: Markus Friedl <markus%openbsd.org@localhost>
Date: Fri, 14 Sep 2001 21:22:11 +0200

hi,

are messages of type SSH_MSG_DEBUG allowed during authentication?

can I replay to a SSH_MSG_USERAUTH_REQUEST message with SSH_MSG_DEBUG
and SSH_MSG_USERAUTH_FAILURE?

our server currenlty sends debug messages during public key
authentication, some clients seem to consider this as protocol
violations. i'm not sure how to interpret the drafts, they are not
clear about when SSH_MSG_DEBUG messages are allowed.

e.g. the userauth draft states:

        The server MUST respond with SSH_MSG_USERAUTH_SUCCESS (if
        no more authentications are needed), or SSH_MSG_USERAUTH_FAILURE
        (if the request failed, or more authentications are needed).

so it seems SSH_MSG_DEBUG is not allowed at this point.
should SSH_MSG_DEBUG be allowed? at least it would help
debugging authentication problems....

-m

Follow-Ups:
- Re: authentication and debug messages.
  - From: Joseph Galbraith

Prev by Date: RE: cooked mode sessions
Next by Date: Re: authentication and debug messages.
Previous by Thread: cooked mode sessions
Next by Thread: Re: authentication and debug messages.
Indexes:

Home | Main Index | Thread Index | Old Index