Unexpected behavior with "-o PreferredAuthentications=password"

Jürgen Botz jurgen at botz.org
Wed Jul 21 21:52:53 AEST 2021

On 7/20/21 8:15 PM, Darren Tucker wrote:
> Long answer: in the first case the prompt was generated by the ssh client.
> In the second case the prompt was generated by the PAM stack and passed to
> [...]

Thanks, Darren, for the detailed explanation.  Makes complete sense.  In
particular understanding that 'password' auth with PAM enabled doesn't
competely bypass PAM but can't handle more complicated cases was
necessary to explain the combination of behaviors and log messages I

I'll add rfc4256 to my bed-time reading stack... ;-)

- Jürgen

More information about the openssh-unix-dev mailing list