[
https://issues.apache.org/jira/browse/SSHD-1023?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rohini Jori updated SSHD-1023:
------------------------------
Description:
*Problem:*
I have set my SFTP server adapter configuration as follows:
# maximum authentication count- 3
# authentication method- password & public-key.
Now I am testing the login functionality.
# verify by public-key-> I have entered the correct passphrase and then next
step it will ask for further authentication.
# verify by password-> I have entered the wrong password. so it shows the
'Access denied'.
# Again it ask for password-> Now I entered the correct password. But then I
am getting error like 'Too Many Authentications'.
But as you can see I have tried authenticating the user only 3 times. So
ideally step 3 should be succeeded.
So I checked the sshd logs. There I can see the authentication get performed
with method='none' also. So I want to perform the authentication only by the
methods supported by server. It should used only password and public-key and
Not with the method='none'.
*I have set the UserAuthFactory at server side as below:*
UserAuthFactory publicFactory = UserAuthPublicKeyFactory.INSTANCE;
UserAuthFactory passwordFactory = UserAuthPasswordFactory.INSTANCE;
List<UserAuthFactory> authFactory = new ArrayList<UserAuthFactory>();
authFactory.add(passwordFactory);
authFactory.add(publicFactory);
sshdServer.setUserAuthFactories(authFactory);
This is not working only when we set the maximum authentication count=3 and
authentication method= password & public key.
So how can we handle the maximum authentication request in this case?
I have attached the log file for reference. I am using sshd jars version 2.4.0.
was:
*Problem:*
I have set my SFTP server adapter configuration as follows:
# maximum authentication count- 3
# authentication method- password & public-key.
Now I am testing the login functionality.
# verify by public-key-> I have entered the correct passphrase and then next
step it will ask for further authentication.
# verify by password-> I have entered the wrong password. so it shows the
'Access denied'.
# Again it ask for password-> Now I entered the correct password. But then I
am getting error like 'Too Many Authentications'.
But as you can see I have tried authenticating the user only 3 times. So
ideally step 3 should be succeeded.
So I checked the sshd logs there I can see the authentication get performed
with method='none' also. So I want to perform the authentication only by the
methods supported by server. It should used only password and public-key and
Not with the method='none'.
*I have set the UserAuthFactory at server side as below:*
UserAuthFactory publicFactory = UserAuthPublicKeyFactory.INSTANCE;
UserAuthFactory passwordFactory = UserAuthPasswordFactory.INSTANCE;
List<UserAuthFactory> authFactory = new ArrayList<UserAuthFactory>();
authFactory.add(passwordFactory);
authFactory.add(publicFactory);
sshdServer.setUserAuthFactories(authFactory);
This is not working only when we set the maximum authentication count=3 and
authentication method= password & public key.
So how can we handle the maximum authentication request in this case?
I have attached the log file for reference. I am using sshd jars version 2.4.0.
> Maximum Authentications request not working correctly.
> -------------------------------------------------------
>
> Key: SSHD-1023
> URL: https://issues.apache.org/jira/browse/SSHD-1023
> Project: MINA SSHD
> Issue Type: New Feature
> Reporter: Rohini Jori
> Priority: Major
> Attachments: max-Auth-Request_LOGS.txt, step1.png, step2.png,
> step3.png
>
>
> *Problem:*
> I have set my SFTP server adapter configuration as follows:
> # maximum authentication count- 3
> # authentication method- password & public-key.
> Now I am testing the login functionality.
> # verify by public-key-> I have entered the correct passphrase and then next
> step it will ask for further authentication.
> # verify by password-> I have entered the wrong password. so it shows the
> 'Access denied'.
> # Again it ask for password-> Now I entered the correct password. But then I
> am getting error like 'Too Many Authentications'.
> But as you can see I have tried authenticating the user only 3 times. So
> ideally step 3 should be succeeded.
> So I checked the sshd logs. There I can see the authentication get performed
> with method='none' also. So I want to perform the authentication only by the
> methods supported by server. It should used only password and public-key and
> Not with the method='none'.
>
> *I have set the UserAuthFactory at server side as below:*
> UserAuthFactory publicFactory = UserAuthPublicKeyFactory.INSTANCE;
> UserAuthFactory passwordFactory = UserAuthPasswordFactory.INSTANCE;
> List<UserAuthFactory> authFactory = new ArrayList<UserAuthFactory>();
> authFactory.add(passwordFactory);
> authFactory.add(publicFactory);
> sshdServer.setUserAuthFactories(authFactory);
>
> This is not working only when we set the maximum authentication count=3 and
> authentication method= password & public key.
> So how can we handle the maximum authentication request in this case?
> I have attached the log file for reference. I am using sshd jars version
> 2.4.0.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
