Re: pam_tally with sshd: ssh password-based failures not tally'd

That's pretty common when you have a load of keys added to ssh-agent - ssh 
client tries each of these first, before asking you to provide a password. 

Either specify password as the PreferredAuthentications for this Host, or drop 
all identities from ssh-agent (ssh-add -D) and try that.

Regards, Philip Yarra.

On Mon, 10 Jan 2005 01:07 pm, George Hansper wrote:
> George Hansper wrote:
> 
> >    Changing the /etc/ssh/sshd_config setting:
> >     MaxAuthTries 1
> >    limits the user to 1 try per TCP connection, and brings pam_abl into
> >    line with real attempts
> > 
> >    This works for Fedora Core 3 (openssh-server 3.9p1-7)
> > 
> >    For Mandrake 10.1, 'MaxAuthTries N' allows 'N+1' tries, and never allows more
> >    than 3 tries anyway. 'MaxAuthTries 1' kicks you out before you start!
> >    I'm reluctant to set 'MaxAuthTries 0', even though this works. I thought
> >    I had Mandrake allowing "N-1" tries, too, though I can't reproduce it for now.
> > 
> 
> Fedora Core 3 (openssh-server 3.9p1-7) has started giving me the same
> strange behaviour as Mandrake:
> 
> 	MaxAuthTries 1
> 
>  > ssh george@xxxxxxxxx
> Received disconnect from 127.0.0.1: 2: Too many authentication failures for george
> 
> ie before I can enter a password!
> 
> If I set:
> 	MaxAuthTries 2
> 
>  > ssh georgeh@xxxxxxxxx
> george@xxxxxxxxx's password:
> Received disconnect from 127.0.0.1: 2: Too many authentication failures for george
> 
> ie one attempt.
> 
> I have restarted the sshd server at each config change, and I haven't been drinking, either!
> 
> Obviously, this ambiguity of MaxAuthTries is a "characteristic" of openssh-server 3.9p1-7
> 
> Regards,
> 	George Hansper
> 
> _______________________________________________
> 
> Pam-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/pam-list
> 
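
One way to check whether agent keys are what used up the attempts, as the reply at the top of this message suggests: this added example (not part of the thread) counts public-key offers in `ssh -v` client output. The log lines are constructed and their `debug1:` format is an assumption that varies between OpenSSH versions; `diagnose` is a hypothetical helper name.

```python
import re

# Constructed `ssh -v` client output, not taken from the thread. The debug1
# line formats are an assumption and differ between OpenSSH versions.
LOG_WITH_AGENT_KEYS = """\
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/george/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/george/.ssh/id_dsa
Received disconnect from 127.0.0.1: 2: Too many authentication failures for george
"""

LOG_PASSWORD_ONLY = """\
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
george@localhost's password:
"""

OFFER = re.compile(r"^debug1: Offering (?:\w+ )?public key")
PASSWORD = re.compile(r"^debug1: Next authentication method: password")
TOO_MANY = re.compile(r"Too many authentication failures")


def diagnose(log):
    """Summarise one client session: key offers, password stage, disconnect."""
    keys_offered = 0
    password_reached = False
    disconnected = False
    for line in log.splitlines():
        if OFFER.search(line):
            keys_offered += 1
        elif PASSWORD.search(line):
            password_reached = True
        elif TOO_MANY.search(line):
            disconnected = True
    return {
        "keys_offered": keys_offered,
        "password_reached": password_reached,
        "disconnected": disconnected,
        # Disconnected after key offers and before the password stage: the
        # pattern the reply attributes to identities held in ssh-agent.
        "keys_used_up_tries": disconnected and keys_offered > 0 and not password_reached,
    }


if __name__ == "__main__":
    for name, log in (("agent keys", LOG_WITH_AGENT_KEYS), ("password only", LOG_PASSWORD_ONLY)):
        print(name, diagnose(log))
```

If `keys_used_up_tries` is true for a real session, retrying with `ssh -o PreferredAuthentications=password` or after `ssh-add -D` shows whether the password prompt then appears.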
