Re: keyboard-interactive auth

To: der Mouse <mouse%Rodents.Montreal.QC.CA@localhost>
Subject: Re: keyboard-interactive auth
From: Sam Hartman <hartmans-ietf%mit.edu@localhost>
Date: Thu, 08 Sep 2005 15:45:25 -0400

>>>>> "der" == der Mouse <mouse%Rodents.Montreal.QC.CA@localhost> writes:

    der> I'm trying to implement keyboard-interactive authentication, and I
    der> think maybe I've got something written, but when I try to use it
    der> against openssh, I see the exchange go

    der> <<< confirmation of ssh-userauth starting
    >>>> request mouse/ssh-connection/none
    der> <<< failure, can-continue publickey,password,keyboard-interactive
    >>>> request mouse/ssh-connection/keyboard-interactive
    der> <<< failure, can-continue publickey,password,keyboard-interactive

    der> This makes no sense to me; I'm not even sure how to interpret it,
    der> besides "server too confused to do keyboard-interactive for this user".

"Yeah, Openssh does that."  Openssh does not keep track of whether an
authentication method has failed to be useful on the server side.  It
continues to offer all the authentication methods even if they don't
really apply to the current user.  It expects the client to deal with
this.

--Sam

Follow-Ups:
- Re: keyboard-interactive auth
  - From: der Mouse

References:
- keyboard-interactive auth
  - From: der Mouse

Prev by Date: Re: keyboard-interactive auth
Next by Date: Re: keyboard-interactive auth
Previous by Thread: keyboard-interactive auth
Next by Thread: Re: keyboard-interactive auth
Indexes:

Home | Main Index | Thread Index | Old Index