The SFTP protocol doesn't define message for
SSH_MSG_USERAUTH_FAILURE packet. It is on purpose. Any information in this step gives the attacker knowledge about the process of guessing username and password.
So we cannot add custom message to authentication routine.
However, we can send
BANNER to the client in case of authentication failure.
Unfortunately, some clients don't display banners (e.g. FileZilla, Cyberduck), but others do (e.g. Rebex Sftp, WinSCP, Bitvise SSH, PuTTY psftp.exe tool, ...)
You can try it now using general banner, which can be set by
If it satisfy your needs, we can add this feature easily.