Subject: Re: libssh2 - public key and/or password auth methods

Re: libssh2 - public key and/or password auth methods

From: Alexander Lamaison <>
Date: Wed, 22 Dec 2010 23:45:06 +0000

On 22 December 2010 22:59, Mark Riordan <> wrote:
> How should an application determine whether both public key
> and password authentication methods are required?
> I'm not sure how to determine the difference between a server
> that requires both, or will take either one.
> I was kind of expecting functions like libssh2_userauth_publickey_fromfile
> and libssh2_userauth_password to have a return code that says
> "successful so far, but more authentication is required".

I've not checked the spec lately so can't swear to it but I don't
think a server is allowed to _require_ multiple authentication
methods. What it is allowed to do is say that it supports a method
but then fail to honour that. When the first attempt returns failure,
you handle this by trying the next available method.

Received on 2010-12-23