RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (1)

RFC 4252, "The Secure Shell (SSH) Authentication Protocol", January 2006

Note: This RFC has been updated by RFC 8308, RFC 8332

Source of RFC: secsh (sec)

Errata ID: 5563
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Benoît Morgan
Date Reported: 2018-11-27
Verifier Name: Paul Wouters
Date Verified: 2023-07-28

Section 8. says:

      SSH_MSG_USERAUTH_FAILURE without partial success - The password
      has not been changed.  Either password changing was not supported,
      or the old password was bad.  Note that if the server has already
      sent SSH_MSG_USERAUTH_PASSWD_CHANGEREQ, we know that it supports
      changing the password.

      SSH_MSG_USERAUTH_CHANGEREQ - The password was not changed because
      the new password was not acceptable (e.g., too easy to guess).

It should say:

      SSH_MSG_USERAUTH_FAILURE without partial success - The password
      has not been changed.  Either password changing was not supported,
      or the old password was bad.  Note that if the server has already
      sent SSH_MSG_USERAUTH_PASSWD_CHANGEREQ, we know that it supports
      changing the password.

      SSH_MSG_USERAUTH_PASSWD_CHANGEREQ - The password was not changed 
      because the new password was not acceptable (e.g., too easy to 
      guess).

Notes:

SSH_MSG_USERAUTH_PASSWD_CHANGEREQ seems to have been truncated to SSH_MSG_USERAUTH_CHANGEREQ for no apparent reason.

Status: Held for Document Update (1)

RFC 4252, "The Secure Shell (SSH) Authentication Protocol", January 2006

Note: This RFC has been updated by RFC 8308, RFC 8332

Source of RFC: secsh (sec)

Errata ID: 3268
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Nikolai Malykh
Date Reported: 2012-06-28
Held for Document Update by: Sean Turner

Section 5.1 says:

   A request that requires further messages to be exchanged will be
   aborted by a subsequent request.  A client MUST NOT send a subsequent
   request if it has not received a response from the server for a
   previous request.  A SSH_MSG_USERAUTH_FAILURE message MUST NOT be
   sent for an aborted method.

It should say:

   A request that requires further messages to be exchanged will be
   aborted by a subsequent request.  In this case a client MUST NOT 
   send a subsequent request if it has not received a response from 
   the server for a previous request.  A SSH_MSG_USERAUTH_FAILURE 
   message MUST NOT be sent for an aborted method.

Notes:

The ambiguous wording, which can be confusing. See previous paragraph

Report New Errata



Advanced Search