PuTTY bug kbdint-failure

This is a mirror. The primary PuTTY web site can be found here.

Home | Licence | FAQ | Docs | Download | Keys | Links
Mirrors | Updates | Feedback | Changes | Wishlist | Team

summary: Keyboard-interactive authentication only permits one try
class: bug: This is clearly an actual problem we want fixed.
difficulty: fun: Just needs tuits, and not many of them.
priority: high: This should be fixed in the next release.
present-in: 0.56
fixed-in: 2005-01-08 (0.58) (0.59) (0.60)

It's been observed that SSH-2 "keyboard-interactive" authentication in PuTTY only permits one attempt at authentication before falling back to other forms of authentication, such as password-based. If no other methods are supported by the server, PuTTY will bomb out with the message "No supported authentication methods left to try!".

This has been exacerbated recently as several distributions are configuring OpenSSH to use k-i for even basic password authentication these days, and not enabling PasswordAuthentication at all by default.

As of 2005-01-08, PuTTY will continue to attempt keyboard-interactive authentication as long as the server continues to offer it, in preference to password authentication, unless the server refuses it outright. (If you need to get past k-i, you can disable attempts to use keyboard-interactive entirely on the "Auth" panel.)

Audit trail for this bug.

If you want to comment on this web site, see the Feedback page.
(last revision of this bug record was at 2005-02-08 10:04:28 +0000)