Alexander Lamaison wrote: > I've not checked the spec lately so can't swear to it but I don't > think a server is allowed to _require_ multiple authentication > methods.
It is. Check RFC 4252 5.1, the partial success field. > What it is allowed to do is say that it supports a method > but then fail to honour that. Well.. No, the method must be accepted, but there could be policy that means that it will always fail. > When the first attempt returns failure, you handle this by trying > the next available method. Yes, although clients might not bother. But partial success should be treated simply as a "all good so far, carry on".. In a way similar to the previous method just not being supported. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
