SSH Error: "Too Many Authentication Failures"

When attempting to logon to a secure session, you may see the error "Too many authentication failures," even if you have only logged in once. This error can occur if you have reached the maximum allowed login attempts or after a single login if too many authentication types are enabled on the client. This technical note explains how to disable client authentication types.

The "authentication failures" error can occur when multiple authentication methods are enabled in the Reflection for Secure IT, or when public key authentication is used to connect to an OpenSSH server.

Note: If you authenticate with a password, select either the Password or Keyboard-interactive user authentication method, not both. Typically, Keyboard-interactive is not required unless you use PAM on the server. This method can cause unwanted authentication attempts when enabled in a non-PAM environment.

To resolve this problem for the client or server you are using, follow the suggestions below.

Reflection for Secure IT Windows Client

To edit the Reflection authentication methods:

1. Open Reflection for Secure IT.
2. Click Connection > Connection setup.
3. Enter the Host name, and then click Security.
4. On the General tab, look at the User Authentication list. Clear the check boxes for all authentication methods that you do not use.

5. Click OK, and then click File > Save to save your settings.

OpenSSH Server Public Key Authentication

Depending on the server version, OpenSSH servers limit the number of public key authentication attempts to four or five. If you have more than four or five keys in your key agent, or in the user folder, you could exceed this limit. To resolve this problem, decrease the number of keys in your key agent and in the client .ssh or .ssh2 folder.

Legacy KB ID

This document was originally published as Attachmate Technical Note 2143.