On Wed, 10 Jul 2002 at 08:41:50AM -0500, Jay Kline wrote:
> in it, however it is the server in the end who decides what authentication
> method to use.

Not according to the RFC....

   Provided the server didn't immediately accept the login, an
   authentication exchange begins. The client sends messages to the
   server requesting different types of authentication in arbitrary
   order as many times as desired (however, the server may close the
   connection after a timeout). The server always responds with
   SSH_SMSG_SUCCESS if it has accepted the authentication, and with
   SSH_SMSG_FAILURE if it has denied authentication with the requested
   method or it does not recognize the message. Some authentication
   methods cause an exchange of further messages before the final
   result is sent. The authentication phase ends when the server
   responds with success.

In addition... If I type:

   ssh -l <user> <host>

as user A, I get permission denied from the server. (The client is
attempting RSA auth when the public key is not authorized.)

If I type

   sudo ssh -l <user> <host>

and run the command as a different user, it does not see ~/.ssh/identity
and does not try to use it. I am then prompted for a password.

If the server did indeed decide the method to use, it would not matter
what local user ran the client.

-- 
Phil

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import
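
A simplified model of the exchange in the RFC text quoted above, added here as an illustration; it is not part of the original message and not code from any SSH implementation. The class and function names, the key strings and the password are constructed, and RSA challenge-response is reduced to a key-membership check.

```python
import hmac

# Simplified model of the quoted exchange; names and values are constructed.
SUCCESS, FAILURE = "SSH_SMSG_SUCCESS", "SSH_SMSG_FAILURE"

class Server:
    """Answers each request with success or failure; never proposes a method."""
    def __init__(self, enabled, authorized_keys, passwords, max_requests=6):
        self.enabled = set(enabled)             # methods the server will consider
        self.authorized_keys = authorized_keys  # user -> set of public keys
        self.passwords = passwords              # user -> password
        self.max_requests = max_requests        # stand-in for the timeout/close

    def handle(self, user, method, credential):
        if method not in self.enabled or not isinstance(credential, str):
            return FAILURE                      # denied or unrecognized request
        if method == "rsa":
            # Assumption: challenge-response reduced to a key-membership check.
            ok = credential in self.authorized_keys.get(user, set())
        elif method == "password":
            expected = self.passwords.get(user)
            ok = expected is not None and hmac.compare_digest(expected, credential)
        else:
            ok = False
        return SUCCESS if ok else FAILURE

def client_login(server, user, identity=None, password=None,
                 order=("rsa", "password")):
    """The client picks which methods to request and in what order."""
    transcript = []
    for method in order:
        credential = identity if method == "rsa" else password
        if credential is None:
            continue                            # nothing local to offer: never requested
        if len(transcript) >= server.max_requests:
            break                               # server would close the connection
        reply = server.handle(user, method, credential)
        transcript.append((method, reply))
        if reply == SUCCESS:
            break                               # authentication phase ends
    return transcript

if __name__ == "__main__":
    srv = Server({"rsa", "password"}, {"bob": {"KEY-B"}}, {"bob": "pw"})
    print(client_login(srv, "bob", identity="KEY-A", password="pw"))
    print(client_login(srv, "bob", password="pw"))
```

The transcript records only what the client chose to request; the server's policy shows up as a SSH_SMSG_FAILURE reply to a request it will not honour.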