Re: Too many authentication failures

---

• From: Darren Tucker <dtucker@xxxxxxxxxxxxxxxx>
• Date: Sun, 27 Jan 2008 16:40:16 +1100

---

On 2008-01-27, phil-news-nospam@xxxxxxxx <phil-news-nospam@xxxxxxxx> wrote:

On Sun, 27 Jan 2008 09:31:08 +1100 Darren Tucker <dtucker@xxxxxxxxxxxxxxxx> wrote:

[ about IdentityFile and IdentitiesOnly together in ssh_config. ]

| Did you try it? Unless I'm misunderstanding what you're trying to do,
| it does exactly what you're asking for. It doesn't turn of password
| authentication.

If it doesn't cause ssh to use only identities, then it isn't doing what
it's name clearly implies.

IdentitiesOnly causes ssh to use only the specified (by IdentityFile)
public keys during public-key authentication (normally, it will try all
of the identities offered by the agent, which is usually the cause of
exceeding the number of attempts the server allows). It doesn't change
whether or not public key authentication methods are attempted.

Perhaps it would have been better named "SpecifiedIdentitiesOnly",
but I guess it's a victim of a verbosity/descriptiveness tradeoff.

And from what I read in (man ssh_config) it
would use only identities as configured. Based on that, there would be
no reason to try it, any more than any other randomly chosen option.

Other than it being suggested when you asked?

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
.

---

• Follow-Ups:
  • Re: Too many authentication failures
    • From: phil-news-nospam

• References:
  • Too many authentication failures
    • From: phil-news-nospam
  • Re: Too many authentication failures
    • From: Darren Dunham
  • Re: Too many authentication failures
    • From: phil-news-nospam
  • Re: Too many authentication failures
    • From: Darren Tucker
  • Re: Too many authentication failures
    • From: phil-news-nospam
  • Re: Too many authentication failures
    • From: Darren Tucker
  • Re: Too many authentication failures
    • From: phil-news-nospam

• Prev by Date: Re: Too many authentication failures
• Next by Date: Re: Too many authentication failures
• Previous by thread: Re: Too many authentication failures
• Next by thread: Re: Too many authentication failures
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Getting username ... There are three identities that may be of interest: ... Depending on the exact details of your ... authentication and impersonation scheme, one or more of these may contain ... > An ASP.NET page uses Windows authentication method for the user log in. ... (microsoft.public.dotnet.framework.aspnet) Re: Too many authentication failures ... PH> for that host will not attempt to send |>|>| keybased identities. ... PH> of password | authentication. ... This means that, *during publickey authentication*, it will only use ... (comp.security.ssh) Re: Help with SSH ... > I am trying to set up authentication with SSH so I can let a script run ... > a command through ssh on a remote server. ... > public keys and have copied the public key to the remote server to the ... (RedHat)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.ssh  > 2008-01