Permission denied message and leak with it

[Senthil Kumar]

Hello All,

I am using OpenSSH 4.x versions. If I try to ssh to a system with a user 
account and if all my auth methods fails, the client side gets the following 
message.

Permission denied (publickey,password,keyboard-interactive).

This looks like an information leak, where a malicious user can detect all 
the allowed authmethods on the server system.  I would like to know if there 
are some reasons for giving these informations out.


Thanks,
Senthil Kumar.