diff options
| author | Jacob Nevins <jacobn@chiark.greenend.org.uk> | 2005-11-13 19:06:41 +0300 |
|---|---|---|
| committer | Jacob Nevins <jacobn@chiark.greenend.org.uk> | 2005-11-13 19:06:41 +0300 |
| commit | de945281fc4752ecf5f2974b59298f6dbf6f51ee (patch) | |
| tree | 12a75d79035ff486c90eb5f06ab13cd942b87868 /doc/errors.but | |
| parent | 59dca370bb6e5f88361fe3efd55d3e9d4bc68196 (diff) | |
r6437 broke the case where Pageant is running but contains no SSH-2 keys
that the SSH-2 server is happy with. Fixed, and since I'm here, fix
`pubkeyfile-and-pageant' as well (for SSH-1 and SSH-2).
Also, in SSH-2, we now reexamine "methods that can continue" for every
Pageant key offer, which is technically more correct although it seems
unlikely that it was causing any real problems.
(It's not entirely pretty, but neither was the old code. We could probably
do with some sort of abstraction for public/private keys to avoid carting
lots of fiddly bits of data around.)
[originally from svn r6459]
[r6437 == 8719f92c1426609de7ead4a490a15d1d18875f53]
[this svn revision also touched putty-wishlist]
Diffstat (limited to 'doc/errors.but')
| -rw-r--r-- | doc/errors.but | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/doc/errors.but b/doc/errors.but index f3fa117b..7cdda2fd 100644 --- a/doc/errors.but +++ b/doc/errors.but @@ -79,16 +79,23 @@ puts up this warning only for \ii{single-DES} and \i{Arcfour} encryption. See \k{config-ssh-encryption} for more information on this message. \H{errors-toomanyauth} \q{Server sent disconnect message type 2 -(SSH_DISCONNECT_PROTOCOL_ERROR): "Too many authentication failures for root"} +(protocol error): "Too many authentication failures for root"} This message is produced by an \i{OpenSSH} (or \i{Sun SSH}) server if it receives more failed authentication attempts than it is willing to -tolerate. This can easily happen if you are using Pageant and have a -large number of keys loaded into it. This can be worked around on the -server by disabling public-key authentication or (for Sun SSH only) by -increasing \c{MaxAuthTries} in \c{sshd_config}. Neither of these is a -really satisfactory solution, and we hope to provide a better one in a -future version of PuTTY. +tolerate. + +This can easily happen if you are using Pageant and have a +large number of keys loaded into it, since these servers count each +offer of a public key as an authentication attempt. This can be worked +around by specifying the key that's required for the authentication in +the PuTTY configuration (see \k{config-ssh-privkey}; PuTTY will ignore +any other keys Pageant may have, but will ask Pageant to do the +authentication, so that you don't have to type your passphrase. + +On the server, this can be worked around by disabling public-key +authentication or (for Sun SSH only) by increasing \c{MaxAuthTries} in +\c{sshd_config}. \H{errors-memory} \q{\ii{Out of memory}} |