why openssh tries `none` authentication method
Damien Miller
djm at mindrot.org
Fri Dec 17 15:01:16 EST 2004
Logu wrote:
> Hi,
>
> I would like to know the significance of trying `none` method during
> authentication sequence. Is there any way to avoid unnecessary trying of
> this none authentication method first.
The relevant section from draft-ietf-secsh-userauth explains this:
> Authentication methods are identified by their name, as defined in
> [SSH-ARCH]. The "none" method is reserved, and MUST NOT be listed as
> supported. However, it MAY be sent by the client. The server MUST
> always reject this request, unless the client is to be allowed in
> without any authentication, in which case the server MUST accept this
> request. The main purpose of sending this request is to get the list
> of supported methods from the server.
More information about the openssh-unix-dev
mailing list