0 votes
by (120 points)

Hey guys,

I am working with the SSH Pack, and from time to time I have been running into issues.

When I am making a SSH connection, sometimes the connection to the server/router is crap. When its very bad, I get the exception message "A supplied password or user name is incorrect".

Once the connection clears up, I am able to access it like normal.

My question is, is there a way to detect if its a timeout VS if the username is incorrect?

Lastly: I know when connecting to some routers, if it cannot establish a network connection, it will default to the hardcoded username and password (or something like that), and thats what I think this is doing.

Additional notes:

Language: C#
Running IIS from a webserver

1 Answer

0 votes
by (144k points)

SSH authentication only occurs after successful SSH negotiation. At that point, the connection is already using the SSH protocol, which means that SSH's encryption and integrity protection is already in place. This guarantees that each SSH packet is either received by the other side successfully with no data corruption, or not at all.

The "A supplied password or user name is incorrect" message is only raised as a result of receiving a SSH_MSG_USERAUTH_FAILURE authentication response to SSH_MSG_USERAUTH_REQUEST authentication request.

This means that the occurrence of "A supplied password or user name is incorrect" error indicates that an authentication attempt has in fact been made, and that it was rejected by the server. It never indicates a timeout at the SSH protocol layer or any of the layers below it.

However, it really only means that. All the SSH client knows is that the authentication attempt was rejected - the server does not actually let the client know whether this was due to invalid username, password, or anything else. For example, if the server was unable to verify the username and password (possibly due to bad connection to an authentication server a DDOS protection), it could respond with SSH_MSG_USERAUTH_FAILURE, which would trigger the "A supplied password or user name is incorrect" error even though the credentials were actually correct. But unfortunately, this is beyond SSH client's control. The server log is where to look for more information.

...