[CentOS] sshd gives false "Too many authentication failures"

Sun Nov 21 20:03:07 UTC 2021
Leon Fauster <leonfauster at googlemail.com>

On 21.11.21 at 20:07, Andreas Fournier wrote:
> On Sat, 2021-11-20 at 11:46 +0100, Andreas Fournier wrote:
>> On Sat, 2021-11-20 at 15:33 +0530, Thomas Stephen Lee wrote:
>>> On Sat, Nov 20, 2021 at 2:32 PM Andreas Fournier
>>> <andreas.fournier at runbox.com> wrote:
>>>>
>>>> I just came across something strange with my fully updated CentOS 7
>>>> server. When I try to ssh into it the same way I've always done I get
>>>> "Too many authentication failures". This just came out of the blue. I'm
>>>> using the root account and a password. But in my sshd_config it still
>>>> reads
>>>> #MaxAuthTries 6
>>>> Which I think is the default.
>>>>
>>>> From the console I can log in fine and when I look in the logs for sshd
>>>> I can just see the attempts I just made, that are less than six and
>>>> no previous denied attempts.
>>>>
>>>> Any clues what's going on?
>>>>
>>>
>>> I got the same error once.
>>> In my case the problem was ssh tried to log in with ssh keys before
>>> giving a password prompt.
>>
>> Thanks, same for me. I had added a new key for a different server to
>> the ssh client machine that got it over the limit.
> 
> This got me wondering what is the best practice for a situation where
> you have a machine with more than five keys on file to be able to ssh to
> different servers. But you would also like to ssh with password to
> another set of servers.


I would suggest configuring your needs in .ssh/config.

Check man ssh_config. Example:

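  # .ssh/config

  # Host-specific block: public key login with one named key
  Host myhost.example
    PubkeyAuthentication yes
    User myuser.example
    IdentityFile ~/.ssh/mysecretkey.example

  # Catch-all block, kept last: no keys are offered to any other host
  Host *
    PubkeyAuthentication no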

Just to get the idea. Top-down, first entry wins, last is the default.

--
Leon
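
Added example (not part of Leon's message and not OpenSSH code): a simplified Python model of the "first obtained value wins" lookup described above, run over the config from the message and over a constructed variant with the `Host *` block moved to the top, to show why the catch-all has to come last. It models only `Host` blocks with `*`, `?` and `!` patterns; `Match`, `Include`, `key=value` syntax and multi-valued keywords such as IdentityFile are not modelled.

```python
from fnmatch import fnmatchcase

# Constructed configs: GOOD is the layout from the message above,
# BAD is the same two blocks with the catch-all moved to the top.
GOOD = """
Host myhost.example
  PubkeyAuthentication yes
  User myuser.example
  IdentityFile ~/.ssh/mysecretkey.example

Host *
  PubkeyAuthentication no
"""
BAD = """
Host *
  PubkeyAuthentication no

Host myhost.example
  PubkeyAuthentication yes
  User myuser.example
  IdentityFile ~/.ssh/mysecretkey.example
"""

def host_matches(host, patterns):
    # A Host line applies if some pattern matches and no '!pattern' does.
    pos = [p for p in patterns if not p.startswith("!")]
    neg = [p[1:] for p in patterns if p.startswith("!")]
    hit = lambda pats: any(fnmatchcase(host, p) for p in pats)
    return hit(pos) and not hit(neg)

def resolve(config, host):
    """Return the options that apply to `host` (simplified model, see lead-in)."""
    effective, active = {}, True   # lines before the first Host apply to all
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, value = (line.split(None, 1) + [""])[:2]
        if keyword.lower() == "host":   # keywords are case-insensitive
            active = host_matches(host, value.split())
        elif active:
            # First obtained value wins; later blocks only fill in gaps.
            effective.setdefault(keyword.lower(), value)
    return effective

if __name__ == "__main__":
    for cfg in (GOOD, BAD):
        print(resolve(cfg, "myhost.example"), resolve(cfg, "other.example"))
```

With the catch-all first, `PubkeyAuthentication no` is obtained before the host block is read, so key login is disabled for myhost.example as well.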