User Authentication
Abhijeet Thakare
abhi at acc.com
Fri Apr 19 04:41:22 EST 2002
Hi,
In section 2.2 "Responses to Authentication Requests" of SSH Authentication
Protocol
"
The client MAY send several authentication requests without waiting
for responses from previous requests. The server MUST process each
request completely and acknowledge any failed requests with a
SSH_MSG_USERAUTH_FAILURE message before processing the next request.
A request that results in further exchange of messages will be
aborted by a second request. It is not possible to send a second
request without waiting for a response from the server, if the first
request will result in further exchange of messages. No
SSH_MSG_USERAUTH_FAILURE message will be sent for the aborted method.
"
This is confusing.
Why should the client send several authentication requests without waiting
for responses
from previous requests? This makes the server state machine complex
specially when
authentication(user name) and signature verification are performed by
different process.
Whats the advantage of doing that?
Thanks,
Abhijeet
More information about the openssh-unix-dev
mailing list