[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: auth_pubkry callback is only getting called with signature_state == SSH_PUBLICKEY_STATE_NONE
[Thread Prev] | [Thread Next]
- Subject: Re: auth_pubkry callback is only getting called with signature_state == SSH_PUBLICKEY_STATE_NONE
- From: Andreas Schneider <asn@xxxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Thu, 30 Nov 2017 08:45:42 +0100
- To: libssh@xxxxxxxxxx
On Saturday, 21 October 2017 20:48:27 CET Eric Bentley wrote: > I changed the return to SSH_AUTH_SUCCESS and am now I get the second > authentication attempt and can authenticate. So is the documentation wrong > or am doing the wrong (but working) thing? If signature_state is SSH_PUBLICKEY_STATE_NONE then it is tries if the server would accept the public key. You need to compare them and if they match with an allowed key for the user, you would return SSH_AUTH_PARTIAL. The function should be called again with SSH_PUBLICKEY_STATE_VALID. And if the key match return SSH_AUTH_SUCCESS else it should be denied. It is possible that we have a bug in the auth fuctions ... Andreas -- Andreas Schneider GPG-ID: CC014E3D www.cryptomilk.org asn@xxxxxxxxxxxxxx
Archive administrator: postmaster@lists.cynapses.org