Re: "too many auth failures"?

To: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Subject: Re: "too many auth failures"?
From: Joseph Galbraith <galb-list%vandyke.com@localhost>
Date: Wed, 27 Oct 2010 10:51:46 -0600

On 10/26/2010 20:05, Peter Gutmann wrote:
> der Mouse <mouse%Rodents-Montreal.ORG@localhost> writes:
> 
>> So, thoughts?  Am I missing something, or is this really as ill-behaved as I
>> think?
> 
> I don't think it is.  If you've set the server up to allow three tries at auth
> then you get three tries (I'm assuming it's set up to allow six here, which is
> a bit non-traditional, I would have expected three).  Stepping back a bit, why
> are you sending *six* keys to the server?  Shouldn't the client know which key
> it's supposed to use?  It seems more like the client is broken than the
> server.

I don't think the SSH server should count unsigned publickey attempts as
failures, since they aren't really an attempt.  There are many
clients that simply try all the keys they know about as unsigned
attempts in an attempt to get connected with less user configuration.

A signed publickey attempt with a bad signature probably should be
counted as a failure though.

Thanks,

Joseph

Follow-Ups:
- Re: "too many auth failures"?
  - From: Jeffrey Hutzelman

References:
- Re: "too many auth failures"?
  - From: Peter Gutmann

Prev by Date: Re: "too many auth failures"?
Next by Date: Re: "too many auth failures"?
Previous by Thread: Re: "too many auth failures"?
Next by Thread: Re: "too many auth failures"?
Indexes:

Home | Main Index | Thread Index | Old Index