Announce: OpenSSH 6.2 released
Markus Friedl
mfriedl at gmail.com
Sat Mar 23 02:58:53 EST 2013
no. check http://tools.ietf.org/html/rfc4252
Am 22.03.2013 um 15:57 schrieb Andy Tsouladze <andyb1 at andy-t.org>:
>
>> * sshd(8): Added support for multiple required authentication in SSH
>> protocol 2 via an AuthenticationMethods option. This option lists
>> one or more comma-separated lists of authentication method names.
>> Successful completion of all the methods in any list is required for
>> authentication to complete. This allows, for example, requiring a
>> user having to authenticate via public key or GSSAPI before they
>> are offered password authentication.
>
> I have compiled and installed openssh-6.2, and configured it to use
>
> AuthenticationMethods publickey,password
>
> It works well but it returns a message "Authenticated with partial success." after the key is accepted. If I change the order of authentication to be `password,publickey', the same message is returned after password is accepted. IMHO, no message should be printed until full authentication is completed, because "partial success" will give an attacker a clue as to what is going on. Can this message be suppressed? If so, does it require a patch, or just some config option?
>
> Regards,
>
> Andy
>
> Dr Andy Tsouladze
> Sr Unix/Storage SysAdmin
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list