On 22 December 2010 22:59, Mark Riordan <mriordan_at_ipswitch.com> wrote:
> How should an application determine whether both public key
> and password authentication methods are required?
> I'm not sure how to determine the difference between a server
> that requires both, or will take either one.
>
> I was kind of expecting functions like libssh2_userauth_publickey_fromfile
> and libssh2_userauth_password to have a return code that says
> "successful so far, but more authentication is required".
I've not checked the spec lately so can't swear to it but I don't
think a server is allowed to _require_ multiple authentication
methods. What it is allowed to do is say that it supports a method
but then fail to honour that. When the first attempt returns failure,
you handle this by trying the next available method.
Alex
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-12-23