x/crypto/ssh: client auth loop calls PasswordCallback after receiving disconnect msg from server #66991
Labels
NeedsDecision
Feedback is required from experts, contributors, and/or the community before a change can be made.
Milestone
Go version
go version go1.22.2 linux/amd64
Output of
go env
in your module/workspace:What did you do?
When connecting with ssh.ClientConfig having publickey and password authentication enabled, and a OpenSSH server not accepting the client's publickey, and server using MaxAuthTries 1, then the golang ssh client still calls PasswordCallback() unexpectedly.
This happens because client auth loop does not exit immediately (in ssh/client_auth.go:74) when receiving a disconnect msg from server, but instead continues to try the next auth method. If that auth method is PasswordCallback, then the callback is called even though the server has already disconnected. This leads to weird UX because where the end user may get prompted for password followed by immediate failure.
The following code highlights the problem:
What did you see happen?
What did you expect to see?
The text was updated successfully, but these errors were encountered: