You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Rohini Jori (Jira)" <ji...@apache.org> on 2020/06/26 11:38:00 UTC

[jira] [Created] (SSHD-1023) Maximum Authentications request not working correctly.

Rohini Jori created SSHD-1023:
---------------------------------

             Summary: Maximum Authentications request not working correctly. 
                 Key: SSHD-1023
                 URL: https://issues.apache.org/jira/browse/SSHD-1023
             Project: MINA SSHD
          Issue Type: New Feature
            Reporter: Rohini Jori
         Attachments: max-Auth-Request_LOGS.txt, step1.png, step2.png, step3.png

*Problem:* 

I have set my SFTP server adapter configuration as follows:
 # maximum authentication count- 3
 # authentication method- password & public-key.

Now I am testing the login functionality. 
 # verify by public-key-> I have entered the correct passphrase and then next step it will ask for further authentication.
 # verify by password-> I have entered the wrong password. so it shows the 'Access denied'.
 # Again it ask for password-> Now I entered the correct password. But then I am getting error like 'Too Many Authentications'.

But as you can see I have tried authenticating the user only 3 times. So ideally step 3 should be succeeded.  

So I checked the sshd logs there  I can see the authentication get performed with method='none' also. So I want to perform the authentication only by the methods supported by server. It should used only password and public-key  and Not with the method='none'.

 

 *I have set the UserAuthFactory at server side as below:*

UserAuthFactory publicFactory = UserAuthPublicKeyFactory.INSTANCE;

UserAuthFactory passwordFactory = UserAuthPasswordFactory.INSTANCE;

List<UserAuthFactory> authFactory = new ArrayList<UserAuthFactory>(); authFactory.add(passwordFactory);

authFactory.add(publicFactory);

sshdServer.setUserAuthFactories(authFactory);

 

This is not working only when we set the maximum authentication count=3 and authentication method= password & public key.

So how can we handle the maximum authentication request in this case? 

I have attached the log file for reference. I am using sshd jars version 2.4.0.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org