Open rettenbs opened 3 years ago
This is a good idea, will look into this. Will most likely need to target 0.5.0 but it may be possible.
Let me know if you have a branch which I can test.
I also noticed something else that is somehow related. Some browsers (e.g. Firefox) remember the user/password of the basic authentication and do not ask again. This happens even if the authentication fails or if you want to connect to a different server with a different user/password.
Maybe it is possible to use the terminal to enter username, password and second factor as an alternative to basic auth, similar to Putty.
Yeah, for better or worse it's Firefox's behavior has been pretty consistent in this regard. Chrome seems to respond to a 401 as you would expect, prompting the client for credentials again. Firefox is having none of that.
The RFC suggests if you give a 401 for another url (say /reauth) the client should prompt for credentials but I just tried this in Firefox (I moved /ssh/reauth to /reauth) and Firefox does NOT reprompt.
As you suggest, we need to handle this in the browser via a form or something and i think that's the only way it will get solved.
Let me get 0.4.0 wrapped up and I'll start experimenting.
We have a server with a 2-factor login enabled. Hence, the default password authentication is not supported but only keyboard interactive to enter password + second factor.
Using WebSSH to connect to the server I get the error "All configured authentication methods failed".