Ma/mscp
1
0
Fork 0
mirror of https://github.com/upa/mscp.git synced 2026-05-13 05:17:29 +08:00
Code Issues Packages Projects Releases 1 Wiki Activity

try pubkey auth first instead of noauth

Browse Source 
The libssh auth document suggets to call ssh_userauth_none() first to
obtain userauth list. However, it can lead PerSourcePenalties. Thus, try
pubkey auth first and try password and interactive auths next.
This commit is contained in:
Ryo Nakamura
2025-08-12 19:14:29 +09:00
parent 1eea34ff39
commit 27ef4a127a
1 changed files with 3 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/ssh.c
View File

@@ -117,23 +117,11 @@ static int ssh_authenticate(ssh_session ssh, struct mscp_ssh_opts *opts)
int auth_bit_mask; int auth_bit_mask;
int ret; int ret;
/* none method */ /* try publickey auth first */
ret = ssh_userauth_none(ssh, NULL); char *p = opts->passphrase ? opts->passphrase : NULL;
if (ret == SSH_AUTH_SUCCESS) if (ssh_userauth_publickey_auto(ssh, NULL, p) == SSH_AUTH_SUCCESS)
return 0; return 0;
auth_bit_mask = ssh_userauth_list(ssh, NULL);
if (auth_bit_mask & SSH_AUTH_METHOD_NONE &&
ssh_userauth_none(ssh, NULL) == SSH_AUTH_SUCCESS)
return 0;
auth_bit_mask = ssh_userauth_list(ssh, NULL);
if (auth_bit_mask & SSH_AUTH_METHOD_PUBLICKEY) {
char *p = opts->passphrase ? opts->passphrase : NULL;
if (ssh_userauth_publickey_auto(ssh, NULL, p) == SSH_AUTH_SUCCESS)
return 0;
}
auth_bit_mask = ssh_userauth_list(ssh, NULL); auth_bit_mask = ssh_userauth_list(ssh, NULL);
if (auth_bit_mask & SSH_AUTH_METHOD_PASSWORD) { if (auth_bit_mask & SSH_AUTH_METHOD_PASSWORD) {
if (!opts->password) { if (!opts->password) {