RFC Errata
Found 2 records.
Status: Verified (1)
RFC 4252, "The Secure Shell (SSH) Authentication Protocol", January 2006
Note: This RFC has been updated by RFC 8308, RFC 8332
Source of RFC: secsh (sec)
Errata ID: 5563
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Benoît Morgan
Date Reported: 2018-11-27
Verifier Name: Paul Wouters
Date Verified: 2023-07-28
Section 8. says:
SSH_MSG_USERAUTH_FAILURE without partial success - The password has not been changed. Either password changing was not supported, or the old password was bad. Note that if the server has already sent SSH_MSG_USERAUTH_PASSWD_CHANGEREQ, we know that it supports changing the password. SSH_MSG_USERAUTH_CHANGEREQ - The password was not changed because the new password was not acceptable (e.g., too easy to guess).
It should say:
SSH_MSG_USERAUTH_FAILURE without partial success - The password has not been changed. Either password changing was not supported, or the old password was bad. Note that if the server has already sent SSH_MSG_USERAUTH_PASSWD_CHANGEREQ, we know that it supports changing the password. SSH_MSG_USERAUTH_PASSWD_CHANGEREQ - The password was not changed because the new password was not acceptable (e.g., too easy to guess).
Notes:
SSH_MSG_USERAUTH_PASSWD_CHANGEREQ seems to have been truncated to SSH_MSG_USERAUTH_CHANGEREQ for no apparent reason.
Status: Held for Document Update (1)
RFC 4252, "The Secure Shell (SSH) Authentication Protocol", January 2006
Note: This RFC has been updated by RFC 8308, RFC 8332
Source of RFC: secsh (sec)
Errata ID: 3268
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Nikolai Malykh
Date Reported: 2012-06-28
Held for Document Update by: Sean Turner
Section 5.1 says:
A request that requires further messages to be exchanged will be aborted by a subsequent request. A client MUST NOT send a subsequent request if it has not received a response from the server for a previous request. A SSH_MSG_USERAUTH_FAILURE message MUST NOT be sent for an aborted method.
It should say:
A request that requires further messages to be exchanged will be aborted by a subsequent request. In this case a client MUST NOT send a subsequent request if it has not received a response from the server for a previous request. A SSH_MSG_USERAUTH_FAILURE message MUST NOT be sent for an aborted method.
Notes:
The ambiguous wording, which can be confusing. See previous paragraph