[
https://issues.apache.org/jira/browse/SSHD-1023?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17146403#comment-17146403
]
Lyor Goldstein commented on SSHD-1023:
--------------------------------------
This issue has been discussed in the past and the conclusion we reached is that
there is no "right" implementation. Any way we implement it someone could argue
that it should have been implemented the other way. Therefore we chose one way
and stuck to it.
> Maximum Authentications request not working correctly.
> -------------------------------------------------------
>
> Key: SSHD-1023
> URL: https://issues.apache.org/jira/browse/SSHD-1023
> Project: MINA SSHD
> Issue Type: New Feature
> Reporter: Rohini Jori
> Priority: Major
> Attachments: max-Auth-Request_LOGS.txt, step1.png, step2.png,
> step3.png
>
>
> *Problem:*
> I have set my SFTP server adapter configuration as follows:
> # maximum authentication count- 3
> # authentication method- password & public-key.
> Now I am testing the login functionality.
> # verify by public-key-> I have entered the correct passphrase and then next
> step it will ask for further authentication.
> # verify by password-> I have entered the wrong password. so it shows the
> 'Access denied'.
> # Again it ask for password-> Now I entered the correct password. But then I
> am getting error like 'Too Many Authentications'.
> But as you can see I have tried authenticating the user only 3 times. So
> ideally step 3 should be succeeded.
> So I checked the sshd logs. There I can see the authentication get performed
> with method='none' also. So I want to perform the authentication only by the
> methods supported by server. It should used only password and public-key and
> Not with the method='none'.
>
> *I have set the UserAuthFactory at server side as below:*
> UserAuthFactory publicFactory = UserAuthPublicKeyFactory.INSTANCE;
> UserAuthFactory passwordFactory = UserAuthPasswordFactory.INSTANCE;
> List<UserAuthFactory> authFactory = new ArrayList<UserAuthFactory>();
> authFactory.add(passwordFactory);
> authFactory.add(publicFactory);
> sshdServer.setUserAuthFactories(authFactory);
>
> This is not working only when we set the maximum authentication count=3 and
> authentication method= password & public key.
> So how can we handle the maximum authentication request in this case?
> I have attached the log file for reference. I am using sshd jars version
> 2.4.0.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
