[erlang-questions] detecting ssh auth failures

Niclas Eklund <>
Thu May 26 17:09:14 CEST 2011


Hi!

I guess that you would prefer to get, for example, an integer or atom as 
error reason. Correct? I.e. so you could match on the case when you get 
"Unable to connect using the available authentication methods". In this 
case the generated message is (the macro represents an integer):

#ssh_msg_disconnect{code = ?SSH_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE,
                     description = "Unable to connect using the available"
                                   " authentication methods",
                     language = "en"},

But in some cases it contain additional information. E.g.

#ssh_msg_disconnect{code = ?SSH_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED,
                     description = "Protocol version " ++  StrVsn
                                   ++ " not supported",
                     language = "en"},

In the latter the description reveals more details. Perhaps the error 
messages could have been a 3 tuple:

   {error, Code, Description}

instead of what's normally used {error, Reason}. Changing the return value 
would break existing code (applications using SSH), which wouldn't be very 
popular ;-) Perhaps a configuration parameter could be used to control 
this (the default behaviour should as it is) ....

Best Regards,

Niclas @ Erlang/OTP

On Tue, 10 May 2011, Daniel Goertzen wrote:

> I am using ssh to automatically connect and operate a remote device.  I'd
> like to distinguish authentication failures from other kinds of failures.
> Currently I will get this as an auth failure from ssh:connect():
>
> {error,"Unable to connect using the available authentication methods"}
>
> Now I could include that error string in a pattern to detect an auth
> failure, but it feels rather brittle (ie, what if someone changes the
> wording).  Is there a better way to do it?  Is this an API design bug?
>
> Regards,
> Dan.
>





More information about the erlang-questions mailing list