Double attempt on login
Brought to you by:
thesun
Menu
▾
▴
#6 Double attempt on login
Hi all,
maybe I'm missing the big picture so I apologize in advance.
I think that it can be useful to increate the number of tentatives of login from 1 to 2.
This could be helpful in case of bastion hosts in organizations where is forbidden to exchange keys.
I made the changes below locally on my computer and compiled sshpass.
It's working as expected.
I think that 2 is a good number because it's enought to solve the problem of the bastions and it's not too big to block the account with more than 3 failed tentatives.
Another solution could be adding an argument to specify the numbers of tentatives, leaving 1 as default and moving to the end user the risk ...
// Are we at a password prompt?
if( compare1[state1]=='\0' ) {
if( prevmatch<2 ) { //<<<-------------First change
if( args.verbose )
fprintf(stderr, "SSHPASS detected prompt. Sending password.\n");
write_pass( fd );
state1=0;
prevmatch++; //<<<-------------Second change
} else {
// Wrong password - terminate with proper error code
if( args.verbose )
fprintf(stderr, "SSHPASS detected prompt, again. Wrong password. Terminating.\n");
ret=RETURN_INCORRECT_PASSWORD;
}
At this point in time, I'm afraid I don't have the bandwidth to resolve all of the dependent issue this will create (how many times to check, what happens if this interfere with something else, etc.).