OpenSSH server configured with "AuthenticationMethods any" option throws error
Issue
- When configuring multi-factor authentication in OpenSSH, using
any
with the optionAuthenticationMethods
throws the following error:
Aug 21 16:20:46 host0 sshd[9419]: error: Unknown authentication method "any" in list
Aug 21 16:20:46 host0 sshd[9419]: Authentication methods list "any" contains disabled method, skipping
Aug 21 16:20:46 host0 sshd[9419]: error: No AuthenticationMethods left after eliminating disabled methods
Aug 21 16:20:46 host0 sshd[9419]: error: Unknown authentication method "any" in list [preauth]
Aug 21 16:20:46 host0 sshd[9419]: Authentication methods list "any" contains disabled method, skipping [preauth]
Aug 21 16:20:46 host0 sshd[9419]: error: No AuthenticationMethods left after eliminating disabled methods [preauth]
Aug 21 16:20:46 host0 sshd[9419]: Disconnecting: no authentication methods enabled [preauth]
- This article discusses different syntax used in
AuthenticationMethods
in/etc/ssh/sshd_config
and how they change the ordering and inclusion/exclusion of methods during multi-factor authentication in OpenSSH.
Environment
- Red Hat Enterprise Linux 7.x
- OpenSSH 7.x and prior versions.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.