The SFTP protocol doesn't define message for SSH_MSG_USERAUTH_FAILURE
packet. It is on purpose. Any information in this step gives the attacker knowledge about the process of guessing username and password.
So we cannot add custom message to authentication routine.
However, we can send BANNER
to the client in case of authentication failure.
Unfortunately, some clients don't display banners (e.g. FileZilla, Cyberduck), but others do (e.g. Rebex Sftp, WinSCP, Bitvise SSH, PuTTY psftp.exe tool, ...)
You can try it now using general banner, which can be set by server.Settings.Banner
property.
If it satisfy your needs, we can add this feature easily.