<html><div
style='background-color:'><DIV>Hi,</DIV>
<DIV> </DIV>
<DIV>Please forgive me if this the wrong list for my query or if this
topic is already covered. I searched through the archive but could
not find any information.</DIV>
<DIV> </DIV>
<DIV>Here is my problem. If I enable more than one authentication
method (say public key, keyboard interaction,password) at my SSH server
and try to login using a locked/expired user account, server
prompts for password for each authentication method . Since user is already
locked isn't it better to stop at the first authentication method (i.e.
publickey) with a appropriate error message? Otherwise this unnecessarily forces
the user to enter password for each authentication method even though it is
known that all the methods will fail.</DIV>
<DIV> </DIV>
<DIV>Is there any reason why it is implemented this way?
(which I am obviosly missing here)</DIV>
<DIV> </DIV>
<DIV>I am using a HPUX based secure server running OpenSSH3.0.2p1
with PAM. I ran into this problem while implementing OpenSSH with PAM and am not
sure if I should leave it this way or introduce additional(and
redundant) checks before PAM account mgmt to avoid this problem. Please
help.</DIV>
<DIV> </DIV>
<DIV>Thanks,</DIV>
<DIV>Srinidhi.</DIV></div><br clear=all><hr>Go
Bonkers over cricket <a
href="http://g.msn.com/8HMEENIN/2740">with Balram D Maity</a>
</html>