George Hansper wrote:
Changing the /etc/ssh/sshd_config setting: MaxAuthTries 1 limits the user to 1 try per TCP connection, and brings pam_abl into line with real attempts
This works for Fedora Core 3 (openssh-server 3.9p1-7)
For Mandrake 10.1, 'MaxAuthTries N' allows 'N+1' tries, and never allows more than 3 tries anyway. 'MaxAuthTries 1' kicks you out before you start! I'm reluctant to set 'MaxAuthTries 0', even though this works. I though I had Mandrake allowing "N-1" tries, too, though I can't reproduce it for now.
Fedora Core 3 (openssh-server 3.9p1-7) has started giving me the same strange behaviour as Mandrake:
MaxAuthTries 1
> ssh george@xxxxxxxxx Received disconnect from 127.0.0.1: 2: Too many authentication failures for george
ie before I can enter a password!
If I set: MaxAuthTries 2
> ssh georgeh@xxxxxxxxx george@xxxxxxxxx's password: Received disconnect from 127.0.0.1: 2: Too many authentication failures for george
ie one attempt.
I have restarted the sshd server at each config change, and I haven't been drinking, either!
Obviously, this ambiguity of MaxAuthTries is a "characteristic" of openssh-server 3.9p1-7
Regards, George Hansper
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
