[jira] [Created] (SSHD-1023) Maximum Authentications request not working correctly.

Fri, 26 Jun 2020 04:38:35 -0700 

Rohini Jori created SSHD-1023:
---------------------------------

             Summary: Maximum Authentications request not working correctly. 
                 Key: SSHD-1023
                 URL: https://issues.apache.org/jira/browse/SSHD-1023
             Project: MINA SSHD
          Issue Type: New Feature
            Reporter: Rohini Jori
         Attachments: max-Auth-Request_LOGS.txt, step1.png, step2.png, step3.png

*Problem:* 

I have set my SFTP server adapter configuration as follows:
 # maximum authentication count- 3
 # authentication method- password & public-key.

Now I am testing the login functionality. 
 # verify by public-key-> I have entered the correct passphrase and then next 
step it will ask for further authentication.
 # verify by password-> I have entered the wrong password. so it shows the 
'Access denied'.
 # Again it ask for password-> Now I entered the correct password. But then I 
am getting error like 'Too Many Authentications'.

But as you can see I have tried authenticating the user only 3 times. So 
ideally step 3 should be succeeded.  

So I checked the sshd logs there  I can see the authentication get performed 
with method='none' also. So I want to perform the authentication only by the 
methods supported by server. It should used only password and public-key  and 
Not with the method='none'.

 

 *I have set the UserAuthFactory at server side as below:*

UserAuthFactory publicFactory = UserAuthPublicKeyFactory.INSTANCE;

UserAuthFactory passwordFactory = UserAuthPasswordFactory.INSTANCE;

List<UserAuthFactory> authFactory = new ArrayList<UserAuthFactory>(); 
authFactory.add(passwordFactory);

authFactory.add(publicFactory);

sshdServer.setUserAuthFactories(authFactory);

 

This is not working only when we set the maximum authentication count=3 and 
authentication method= password & public key.

So how can we handle the maximum authentication request in this case? 

I have attached the log file for reference. I am using sshd jars version 2.4.0.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to