login about faq


I wish to be able to do the following:

Check if the public keys are correct --> IF Yes then --> prompt for a username and password --> If correct then authenticate

Check if the public keys are correct --> IF NO then --> disconnect and get no further

How can this be done, ive tried so many configuration variations.

  <authentication action="deny">
    <auth-publickey />


asked Jan 26 '12 at 17:54

danielturner's gravatar image


edited Jan 27 '12 at 09:55

Roman's gravatar image

Roman ♦♦

Have you tried the following:

    <authentication action="allow" name="RequirePubkeyAndPassword">
        <auth-publickey />
        <authentication name="PasswordRule">
    <!--  Deny rule, so that everything else is denied -->    
      <authentication action="deny" name="DenyRule" />

The above snippet of configuration should work in a way that it would require a user to go through public key authentication first and if successful require password authentication before allowing the user to log in. Users trying to login who fail the public key authentication won't proceed to the next step get so they won't even be prompted for a password.

The above example was tested to work with Tectia server version 6.2.0.

More information about configuring authentication chains can be found form our documentation available here.


answered Jan 27 '12 at 10:26

Roman's gravatar image

Roman ♦♦

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Jan 26 '12 at 17:54

Seen: 5,812 times

Last updated: Jan 27 '12 at 10:26

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.