Re: Too many authentication failures

---

• From: Darren Tucker <dtucker@xxxxxxxxxxxxxxxx>
• Date: Sun, 27 Jan 2008 09:31:08 +1100

---

On 2008-01-25, phil-news-nospam@xxxxxxxx <phil-news-nospam@xxxxxxxx> wrote:

On Fri, 25 Jan 2008 10:28:08 +1100 Darren Tucker <dtucker@xxxxxxxxxxxxxxxx> wrote:
| On 2008-01-19, phil-news-nospam@xxxxxxxx <phil-news-nospam@xxxxxxxx> wrote:
|> On Fri, 18 Jan 2008 23:24:44 GMT Darren Dunham <ddunham@xxxxxxxx> wrote:
| [...]
|>| So I would assume setting PreferredAuthentications to
|>| 'keyboard-interactive,password' for that host will not attempt to send
|>| keybased identities.
|>
|> Don't assume that. I never saw that feature. I can see it now since I
|> know what name to look for from your post. It certainly wasn't the logic
|> I was looking for. I was always grepping for "identity" or "identities"
|> since that was clearly the thing getting in the way :-( But this makes
|> sense. I'll try it when I get back to work on Monday. Thanks.
|
| Try IdentityFile and IdentitiesOnly together in ssh_config.

That wouldn't achieve my goal, since it would turn password off entirely.
What I wanted was fewer identities for certain hosts so that a password
could be tried before the remote decided too many tries had been made.

Did you try it? Unless I'm misunderstanding what you're trying to do,
it does exactly what you're asking for. It doesn't turn of password
authentication.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
.

---

• Follow-Ups:
  • Re: Too many authentication failures
    • From: phil-news-nospam

• References:
  • Too many authentication failures
    • From: phil-news-nospam
  • Re: Too many authentication failures
    • From: Darren Dunham
  • Re: Too many authentication failures
    • From: phil-news-nospam
  • Re: Too many authentication failures
    • From: Darren Tucker
  • Re: Too many authentication failures
    • From: phil-news-nospam

• Prev by Date: Re: using a SOCKS proxy from SSH
• Next by Date: Re: using a SOCKS proxy from SSH
• Previous by thread: Re: Too many authentication failures
• Next by thread: Re: Too many authentication failures
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Too many authentication failures ... with the identities. ... What my thinking was is that when I specify them, ... list under a section for just a host, ... narrow focus. ... (comp.security.ssh) Re: Too many authentication failures ... |>| 'keyboard-interactive,password' for that host will not attempt to send ... What I wanted was fewer identities for certain hosts so that a password ... this particular string ie encountered in the list of identities, ... (comp.security.ssh) Re: Too many authentication failures ... PH> for that host will not attempt to send |>|>| keybased identities. ... PH> of password | authentication. ... This means that, *during publickey authentication*, it will only use ... (comp.security.ssh) Re: Too many authentication failures ... |> That wouldn't achieve my goal, since it would turn password off entirely. ... |> What I wanted was fewer identities for certain hosts so that a password ... (comp.security.ssh) Re: Too many authentication failures ... | keybased identities. ... I never saw that feature. ... Good judgement comes with experience. ... (comp.security.ssh)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.ssh  > 2008-01