Extended authentication information in Secure Shell (SSH)

Document Type Expired Internet-Draft (individual)
Last updated 2017-09-12 (latest revision 2017-03-11)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This memo defines a way for SSH server applications to send additional information to clients as part of authentication failure. A mechanism to relay such information can reduce the need for end user support in situations where a client would successfully authenticate, but cannot log in for a policy reason, such as password age or public key size.


denis bider (ietf-ssh3@denisbider.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)