[Bug 3590] Why is the service name in the USERAUTH REQUEST message "ssh-connect" instead of "ssh-userauth"?
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Jul 21 11:13:57 AEST 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=3590
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |djm at mindrot.org
Resolution|--- |FIXED
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
It's explained in rfc4252 section 5:
> The 'service name' specifies the service to start after
> authentication. There may be several different authenticated
> services provided. If the requested service is not available, the
> server MAY disconnect immediately or at any later time. Sending a
> proper disconnect message is RECOMMENDED. In any case, if the
> service does not exist, authentication MUST NOT be accepted.
"ssh-userauth" is used in an earlier SSH2_MSG_SERVICE_REQUEST to
request the authentication service, but the authentication is being
performed to request access to the "ssh-connection" service.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list