Special reason for SSH too many authentication failures
该文章根据 CC-BY-4.0 协议发表,转载请遵循该协议。
本文地址:https://fenying.net/en/post/2024/05/27/ssh-too-many-authentication-error/
One day, when I tried connecting to a host by SSH, I got errors like Received disconnect from xxxxx port 22:2: Too many authentication failures, what’s going on?
I thought it might be caused by the pacman -Syu I executed on the previous day, but to avoid wasting time, I tried another machine first, and it works normally, only my machine is malfunctioning.
I checked with ssh the-hostname -vvv, and got that it was trying to connect with all the private keys registered in the ssh-agent, but none of them worked, so the error occurred.
Yep, that’s why it reached the maximum attempts of authenticating to the remote host. I did register many keys into the ssh-agent because I added Host * AddKeysToAgent yes in ~/.ssh/config, which means all keys I used since the ssh-agent started were registered into it.
People on the Internet would recommend adding IdentitiesOnly yes in ~/.ssh/config, it does resolve the connecting problem, but another problem comes: only the keys specified will be used, not the keys in the ssh-agent.
To me, that’s unacceptable, because I just added AddKeysToAgent yes to make it easier to use the keys in the ssh-agent.
Well, the easiest way now is to restart the ssh-agent when the error comes out. I don’t wanna make it too complicated, and I don’t have so many keys need to register into the ssh-agent usually, so it’s not a big deal to restart it when the error occurs, until I find a better solution.