SSH authentication only occurs after successful SSH negotiation. At that point, the connection is already using the SSH protocol, which means that SSH's encryption and integrity protection is already in place. This guarantees that each SSH packet is either received by the other side successfully with no data corruption, or not at all.
The "A supplied password or user name is incorrect" message is only raised as a result of receiving a SSH_MSG_USERAUTH_FAILURE
authentication response to SSH_MSG_USERAUTH_REQUEST
authentication request.
This means that the occurrence of "A supplied password or user name is incorrect" error indicates that an authentication attempt has in fact been made, and that it was rejected by the server. It never indicates a timeout at the SSH protocol layer or any of the layers below it.
However, it really only means that. All the SSH client knows is that the authentication attempt was rejected - the server does not actually let the client know whether this was due to invalid username, password, or anything else. For example, if the server was unable to verify the username and password (possibly due to bad connection to an authentication server a DDOS protection), it could respond with SSH_MSG_USERAUTH_FAILURE
, which would trigger the "A supplied password or user name is incorrect" error even though the credentials were actually correct. But unfortunately, this is beyond SSH client's control. The server log is where to look for more information.