On Wed, 11 Feb 2015, Iain Morgan wrote: > On Tue, Feb 10, 2015 at 14:32:44 +0530, sshuser GA wrote: > > Hi, > > > > I understand MaxAuthTries is a parameter used to restrict the maximum > > number of authentication attempts. But I notice a difference in behavior > > when run from different client versions. > > The MaxAuthTries at the server side is 6. The server side is running > > OpenSSH 6.6 version. > > When wrong password is given from an openssh client 6.1 version, it > > disconnects after 3 attempts. > > When wrong password is given from an openssh client 6.6 version, it > > disconnects after 5 attempts. > > > > What is the reason for this difference ? Shouldn't the behavior be the > > same, across both the clients, since MaxAuthTries is a server side > > parameter? > > > > Keep in mind that MaxAuthTries is applied against _all_ authentication > methods -- not just password authentication. If you use ssh -v, I expect > that you will see that the apparent discrepancy is due to public-key or > hostbased authentication attempts. > > Also, it may be that your clients have NumberOfPasswordPrompts set > inconsistently. Or your server was patched to ignore public key queries (also in HEAD). _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev