Hi all, I was wondering if there is a way to limit the maximum number of failed authentication attempts in an ssh server. looks like the serverAuthenticate <https://github.com/golang/crypto/blob/7c6cc321c680f03b9ef0764448e780704f486b51/ssh/server.go#L262> method won’t exit unless the authentication was successful or a i/o error occurs during packet read/write. I see only three options here to limit the number of failed authentications:
1. panic in the Callbacks when the limit is reached 2. modify the server config and remove the callbacks once the limit is reached 3. patch the serverAuthenticate to support a new config parameter that specifies the maximum number of attempts. I think the first two options are ugly. My colleague has a patch, i was just wondering what everyone think of the idea before submitting the changes. Cheers, JS -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
