Only show banner if upstream authentication succeeds

Question

Only show banner if upstream authentication succeeds

developedsoftware opened this issue 3 years ago · 1 comments

At the moment it shows regardless if connection to upstream fails or not.

Is there any reason to show the welcome banner if authentication fails (it may contain information that only valid ssh connections should see - like workflow instructions to developers)

Answer 1 · 2021-07-08T03:17:55.000Z

this is by design
ref
https://datatracker.ietf.org/doc/html/rfc4252#section-5.4

The SSH server may send an SSH_MSG_USERAUTH_BANNER message at any
time after this authentication protocol starts and before
authentication is successful.