www.libssh2.org | Daily snapshots | Mailing list archive | Docs | Examples | github

Archive Index This month's Index

Subject: Re: libssh2 - public key and/or password auth methods

Re: libssh2 - public key and/or password auth methods

From: Peter Stuge <peter_at_stuge.se>
Date: Thu, 23 Dec 2010 03:06:57 +0100

Alexander Lamaison wrote:
> I've not checked the spec lately so can't swear to it but I don't
> think a server is allowed to _require_ multiple authentication
> methods.

It is. Check RFC 4252 5.1, the partial success field.

> What it is allowed to do is say that it supports a method
> but then fail to honour that.

Well.. No, the method must be accepted, but there could be policy
that means that it will always fail.

> When the first attempt returns failure, you handle this by trying
> the next available method.

Yes, although clients might not bother. But partial success should be
treated simply as a "all good so far, carry on".. In a way similar to
the previous method just not being supported.

libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-12-23

the libssh2 team