RFC Errata
RFC 4252, "The Secure Shell (SSH) Authentication Protocol", January 2006
Note: This RFC has been updated by RFC 8308, RFC 8332
Source of RFC: secsh (sec)See Also: RFC 4252 w/ inline errata
Errata ID: 5563
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Benoît Morgan
Date Reported: 2018-11-27
Verifier Name: Paul Wouters
Date Verified: 2023-07-28
Section 8. says:
SSH_MSG_USERAUTH_FAILURE without partial success - The password has not been changed. Either password changing was not supported, or the old password was bad. Note that if the server has already sent SSH_MSG_USERAUTH_PASSWD_CHANGEREQ, we know that it supports changing the password. SSH_MSG_USERAUTH_CHANGEREQ - The password was not changed because the new password was not acceptable (e.g., too easy to guess).
It should say:
SSH_MSG_USERAUTH_FAILURE without partial success - The password has not been changed. Either password changing was not supported, or the old password was bad. Note that if the server has already sent SSH_MSG_USERAUTH_PASSWD_CHANGEREQ, we know that it supports changing the password. SSH_MSG_USERAUTH_PASSWD_CHANGEREQ - The password was not changed because the new password was not acceptable (e.g., too easy to guess).
Notes:
SSH_MSG_USERAUTH_PASSWD_CHANGEREQ seems to have been truncated to SSH_MSG_USERAUTH_CHANGEREQ for no apparent reason.