Follow-up Comment #3, sr #111209 (group administration): Thanks for updating us on your status. I don't know why this would have been different between cvs and git as both servers have MaxAuthTries set to 6 which is the upstream OpenSSH default value. Some minor difference between things must have caused them to be different though.
This means that up to 6 authentication methods may be tried before the maximum
is reached. This limit is a security limit to prevent brute force attacks
against the server. It limits the number of times that a client can make an
attempt before needing to reconnect. We have always used the default OpenSSH
upstream value. This is my understanding of the issue you have reported.
As you have reported using fewer than MaxAuthTries keys in the ssh-agent is
usually the best configuration. Otherwise depending upon ordering of keys
tried one might hit this limit with any OpenSSH site that has not increased
the default value larger.
One can also specifically configure a client to use a specific key. I
recommend that keys always be maintained on disk encrypted however and
therefore using the ssh-agent to manage keys is best.
In any case thanks again for updating us on the status of this. Please don't
hesitate to contact us again if you experience further problems.
_______________________________________________________
Reply to this item at:
<https://savannah.nongnu.org/support/?111209>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
signature.asc
Description: PGP signature
