https://bugzilla.mindrot.org/show_bug.cgi?id=1702
Summary: PreferredAuthentications setting doesn't work when
spaces are used as documented
Product: Portable OpenSSH
Version: 5.3p1
Platform: Other
OS/Version: Mac OS X
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: [email protected]
ReportedBy: [email protected]
The man page ssh_config.5 specifies the default setting for
PreferredAuthentications as:
"gssapi-with-mic, hostbased, publickey, keyboard-interactive, password"
with a space after each comma.
But when I set PreferredAuthentications in ssh_config as follows:
PreferredAuthentications "gssapi-keyex, gssapi-with-mic, publickey,
hostbased, password"
with a space after each comma, ssh fails to process authentication
methods beyond the first one in the list. It will however work as
expected if the spaces are removed.
Either the man page or code (match_list()?) needs to be fixed.
Below is the debug log of the failure:
debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug3: start over, passed a different list
publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug3: preferred gssapi-keyex, gssapi-with-mic, publickey, hostbased,
password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic, publickey, hostbased,
password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied
(publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive).
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
