[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH And Password Auth



On Wed, 10 Jul 2002 at 08:41:50AM -0500, Jay Kline wrote:
> in it, however it is the server in the end who decides what authentication 
> method to use.  

Not according to the RFC....

   Provided the server didn't immediately accept the login, an
   authentication exchange begins.  The client sends messages to the
   server requesting different types of authentication in arbitrary
   order as many times as desired (however, the server may close the
   connection after a timeout).  The server always responds with
   SSH_SMSG_SUCCESS if it has accepted the authentication, and with
   SSH_SMSG_FAILURE if it has denied authentication with the requested
   method or it does not recognize the message.  Some authentication
   methods cause an exchange of further messages before the final result
   is sent.  The authentication phase ends when the server responds with
   success.

In addition...If I type:
ssh -l <user> <host>
as user A I get permission denied from the server (The client is attempting RSA
auth when the public key is not authorized)
If I type sudo 
ssh -l <user> <host>
and run the command as a differant user, it does not see ~/.ssh/identity and
does not try to use it.  I am then prompted for a password.  If the server
did indeed decide the method to use it would not matter what local user ran
the client.


-- 
Phil

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import

Attachment: pgpJRDdzqYEOc.pgp
Description: PGP signature


Reply to: