SSH MaxAuthTries

[MoreFeo]

Hi, we're installing ssh on our AIX servers.
We've installed the rpm requisites (zlib, prngd, openssl and openssl-devel) and downloaded and installed openssh from

https://sourceforge.net/projects/openssh-aix

It is working fine, but we're not able to increase the number of unsuccesfull logins.
In the sshd_config we've put
MaxAutTries 6, but it only accepts 2 atempts, if the second login is unsuccesfull it closes the connection.

I don't know if there is another parameter that we need to change (MaxAuthTriesLog doesn't work un AIX), or if there is something more we must do.

Does anyone know how to solve this?

Thanks

 

[khalidaaa]

how about restarting the sshd daemon after changing the value!?!

stopsrc -s sshd

startsrc -s sshd

Regards,
Khalid

 

[MoreFeo]

Forgot to say that we refresh the sshd daemon after each change.

 

[MoreFeo]

I've stopped the sshd daemon (stopsrc -s sshd).
Then I've edited /etc/ssh/sshd_config:
MaxAuthTries 6

Then I've restarted the sshd daemon (startsrc -s sshd).

But when I put twice an incorrect password it closes the connection and it gives me this error:
Server sent disconnect message
type 2 (SSH_DISCONNECT_PROTOCOL_ERROR):
"Too many authentication failures for username"

No ideas?

 

[foobar13]

I'm getting slightly different results that what you posted. I set

MaxAuthTries 1

on my system and it worked properly. But the message I got was

[foobar@tundra ~]$ ssh pei
foobar@pei's password:
Received disconnect from 10.1.1.12: 2: Too many authentication failures for foobar

What version of AIX are you using? Is there only one MaxAuthTries in your sshd_config file? Is there a typo? (There is in your original posting)

 

[MoreFeo]

OK, I think I've got it.
I've increased MaxAuthTries to 10, and now it lets 4 attempts, on the 4th failure it disconnects.
With MaxAuthTries 9, it lets 3 attempts.

So I think that it starts trying to authenticate with keys, and that makes some failed tries before it prompts for login.

 

[p5wizard]

You will get probably the info as to why it uses up the attempts with:

ssh -v rmthost



HTH,

p5wizard

 

[MoreFeo]

Well, I've tried with ssh -v, from a solaris, and that's what I get:

....
....
....
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: key does not exist: //.ssh/identity
debug1: key does not exist: //.ssh/id_rsa
debug1: key does not exist: //.ssh/id_dsa
debug1: next auth method to try is password
root@rmthost's password:
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
Permission denied, please try again.
root@rmthost's password:
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
Permission denied, please try again.
root@rmthost's password:
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug1: no more auth methods to try
Unable to find an authentication method
debug1: Calling cleanup 0x3ee0c(0x0)

It's done this with MaxAuthTries set to 9, and it has prompted for password 3 times before failing.

Try 1:
debug1: next auth method to try is publickey
debug1: key does not exist: //.ssh/identity
debug1: key does not exist: //.ssh/id_rsa
debug1: key does not exist: //.ssh/id_dsa

Try 2:
debug1: next auth method to try is password
root@rmthost's password:
debug1: authentications that can continue: publickey,password,keyboard-interactive

Try 3:
debug1: next auth method to try is password
Permission denied, please try again.
root@rmthost's password:
debug1: authentications that can continue: publickey,password,keyboard-interactive

Try 4:
debug1: next auth method to try is password
Permission denied, please try again.
root@rmthost's password:
debug1: authentications that can continue: publickey,password,keyboard-interactive

Try 5:
debug1: next auth method to try is password

Try 6:
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive

Try 7:
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive

Try 8:
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive

Try 9:
debug1: next auth method to try is keyboard-interactive
debug1: no more auth methods to try
Unable to find an authentication method
debug1: Calling cleanup 0x3ee0c(0x0)