Merge remote-tracking branch 'stevee/ppp-update'

[people/ms/ipfire-3.x.git] / openssh / patches / openssh-6.1p1-authenticationmethods.patch

diff --git a/auth.c b/auth.c
index ee0cb05..1b2fc2b 100644
--- a/auth.c
+++ b/auth.c
@@ -251,7 +251,8 @@ allowed_user(struct passwd * pw)
 }
 
 void
-auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
+auth_log(Authctxt *authctxt, int authenticated, int partial,
+    const char *method, const char *submethod, const char *info)
 {
 	void (*authlog) (const char *fmt,...) = verbose;
 	char *authmsg;
@@ -268,12 +269,15 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
 
 	if (authctxt->postponed)
 		authmsg = "Postponed";
+	else if (partial)
+		authmsg = "Partial";
 	else
 		authmsg = authenticated ? "Accepted" : "Failed";
 
-	authlog("%s %s for %s%.100s from %.200s port %d%s",
+	authlog("%s %s%s%s for %s%.100s from %.200s port %d%s",
 	    authmsg,
 	    method,
+	    submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
 	    authctxt->valid ? "" : "invalid user ",
 	    authctxt->user,
 	    get_remote_ipaddr(),
@@ -303,7 +307,7 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
  * Check whether root logins are disallowed.
  */
 int
-auth_root_allowed(char *method)
+auth_root_allowed(const char *method)
 {
 	switch (options.permit_root_login) {
 	case PERMIT_YES:
diff --git a/auth.h b/auth.h
index 0d786c4..29823bb 100644
--- a/auth.h
+++ b/auth.h
@@ -64,6 +64,8 @@ struct Authctxt {
 #ifdef BSD_AUTH
 	auth_session_t	*as;
 #endif
+	char		**auth_methods;	/* modified from server config */
+	u_int		 num_auth_methods;
 #ifdef KRB5
 	krb5_context	 krb5_ctx;
 	krb5_ccache	 krb5_fwd_ccache;
@@ -142,12 +144,17 @@ void disable_forwarding(void);
 void	do_authentication(Authctxt *);
 void	do_authentication2(Authctxt *);
 
-void	auth_log(Authctxt *, int, char *, char *);
-void	userauth_finish(Authctxt *, int, char *);
+void	auth_log(Authctxt *, int, int, const char *, const char *,
+    const char *);
+void	userauth_finish(Authctxt *, int, const char *, const char *);
+int	auth_root_allowed(const char *);
+
 void	userauth_send_banner(const char *);
-int	auth_root_allowed(char *);
 
 char	*auth2_read_banner(void);
+int	 auth2_methods_valid(const char *, int);
+int	 auth2_update_methods_lists(Authctxt *, const char *);
+int	 auth2_setup_methods_lists(Authctxt *);
 
 void	privsep_challenge_enable(void);
 
diff --git a/auth1.c b/auth1.c
index cc85aec..458a110 100644
--- a/auth1.c
+++ b/auth1.c
@@ -253,7 +253,8 @@ do_authloop(Authctxt *authctxt)
 		if (options.use_pam && (PRIVSEP(do_pam_account())))
 #endif
 		{
-			auth_log(authctxt, 1, "without authentication", "");
+			auth_log(authctxt, 1, 0, "without authentication",
+			    NULL, "");
 			return;
 		}
 	}
@@ -352,7 +353,8 @@ do_authloop(Authctxt *authctxt)
 
  skip:
 		/* Log before sending the reply */
-		auth_log(authctxt, authenticated, get_authname(type), info);
+		auth_log(authctxt, authenticated, 0, get_authname(type),
+		    NULL, info);
 
 		if (client_user != NULL) {
 			xfree(client_user);
@@ -406,6 +408,11 @@ do_authentication(Authctxt *authctxt)
 		authctxt->pw = fakepw();
 	}
 
+	/* Configuration may have changed as a result of Match */
+	if (options.num_auth_methods != 0)
+		fatal("AuthenticationMethods is not supported with SSH "
+		    "protocol 1");
+
 	setproctitle("%s%s", authctxt->valid ? user : "unknown",
 	    use_privsep ? " [net]" : "");
 
diff --git a/auth2-chall.c b/auth2-chall.c
index e6dbffe..5f7ec6d 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -283,7 +283,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 	KbdintAuthctxt *kbdintctxt;
 	int authenticated = 0, res;
 	u_int i, nresp;
-	char **response = NULL, *method;
+	char *devicename = NULL, **response = NULL;
 
 	if (authctxt == NULL)
 		fatal("input_userauth_info_response: no authctxt");
@@ -329,9 +329,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 		/* Failure! */
 		break;
 	}
-
-	xasprintf(&method, "keyboard-interactive/%s", kbdintctxt->device->name);
-
+	devicename = kbdintctxt->device->name;
 	if (!authctxt->postponed) {
 		if (authenticated) {
 			auth2_challenge_stop(authctxt);
@@ -341,8 +339,8 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 			auth2_challenge_start(authctxt);
 		}
 	}
-	userauth_finish(authctxt, authenticated, method);
-	xfree(method);
+	userauth_finish(authctxt, authenticated, "keyboard-interactive",
+	    devicename);
 }
 
 void
diff --git a/auth2-gss.c b/auth2-gss.c
index 0d59b21..338c748 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -163,7 +163,7 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt)
 		}
 		authctxt->postponed = 0;
 		dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
-		userauth_finish(authctxt, 0, "gssapi-with-mic");
+		userauth_finish(authctxt, 0, "gssapi-with-mic", NULL);
 	} else {
 		if (send_tok.length != 0) {
 			packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN);
@@ -251,7 +251,7 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
 	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL);
 	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL);
 	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
-	userauth_finish(authctxt, authenticated, "gssapi-with-mic");
+	userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
 }
 
 static void
@@ -291,7 +291,7 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
 	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL);
 	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL);
 	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
-	userauth_finish(authctxt, authenticated, "gssapi-with-mic");
+	userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
 }
 
 Authmethod method_gssapi = {
diff --git a/auth2-jpake.c b/auth2-jpake.c
index a460e82..e4ba9aa 100644
--- a/auth2-jpake.c
+++ b/auth2-jpake.c
@@ -556,7 +556,7 @@ input_userauth_jpake_client_confirm(int type, u_int32_t seq, void *ctxt)
 	authctxt->postponed = 0;
 	jpake_free(authctxt->jpake_ctx);
 	authctxt->jpake_ctx = NULL;
-	userauth_finish(authctxt, authenticated, method_jpake.name);
+	userauth_finish(authctxt, authenticated, method_jpake.name, NULL);
 }
 
 #endif /* JPAKE */
diff --git a/auth2.c b/auth2.c
index b66bef6..ea0fd92 100644
--- a/auth2.c
+++ b/auth2.c
@@ -96,8 +96,10 @@ static void input_service_request(int, u_int32_t, void *);
 static void input_userauth_request(int, u_int32_t, void *);
 
 /* helper */
-static Authmethod *authmethod_lookup(const char *);
-static char *authmethods_get(void);
+static Authmethod *authmethod_lookup(Authctxt *, const char *);
+static char *authmethods_get(Authctxt *authctxt);
+static int method_allowed(Authctxt *, const char *);
+static int list_starts_with(const char *, const char *);
 
 char *
 auth2_read_banner(void)
@@ -255,6 +257,8 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
 		if (use_privsep)
 			mm_inform_authserv(service, style);
 		userauth_banner();
+		if (auth2_setup_methods_lists(authctxt) != 0)
+			packet_disconnect("no authentication methods enabled");
 	} else if (strcmp(user, authctxt->user) != 0 ||
 	    strcmp(service, authctxt->service) != 0) {
 		packet_disconnect("Change of username or service not allowed: "
@@ -277,12 +281,12 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
 	authctxt->server_caused_failure = 0;
 
 	/* try to authenticate user */
-	m = authmethod_lookup(method);
+	m = authmethod_lookup(authctxt, method);
 	if (m != NULL && authctxt->failures < options.max_authtries) {
 		debug2("input_userauth_request: try method %s", method);
 		authenticated =	m->userauth(authctxt);
 	}
-	userauth_finish(authctxt, authenticated, method);
+	userauth_finish(authctxt, authenticated, method, NULL);
 
 	xfree(service);
 	xfree(user);
@@ -290,13 +294,17 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
 }
 
 void
-userauth_finish(Authctxt *authctxt, int authenticated, char *method)
+userauth_finish(Authctxt *authctxt, int authenticated, const char *method,
+    const char *submethod)
 {
 	char *methods;
+	int partial = 0;
 
 	if (!authctxt->valid && authenticated)
 		fatal("INTERNAL ERROR: authenticated invalid user %s",
 		    authctxt->user);
+	if (authenticated && authctxt->postponed)
+		fatal("INTERNAL ERROR: authenticated and postponed");
 
 	/* Special handling for root */
 	if (authenticated && authctxt->pw->pw_uid == 0 &&
@@ -307,6 +315,19 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 #endif
 	}
 
+	if (authenticated && options.num_auth_methods != 0) {
+		if (!auth2_update_methods_lists(authctxt, method)) {
+			authenticated = 0;
+			partial = 1;
+		}
+	}
+
+	/* Log before sending the reply */
+	auth_log(authctxt, authenticated, partial, method, submethod, " ssh2");
+
+	if (authctxt->postponed)
+		return;
+
 #ifdef USE_PAM
 	if (options.use_pam && authenticated) {
 		if (!PRIVSEP(do_pam_account())) {
@@ -325,17 +346,10 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 #ifdef _UNICOS
 	if (authenticated && cray_access_denied(authctxt->user)) {
 		authenticated = 0;
-		fatal("Access denied for user %s.",authctxt->user);
+		fatal("Access denied for user %s.", authctxt->user);
 	}
 #endif /* _UNICOS */
 
-	/* Log before sending the reply */
-	auth_log(authctxt, authenticated, method, " ssh2");
-
-	if (authctxt->postponed)
-		return;
-
-	/* XXX todo: check if multiple auth methods are needed */
 	if (authenticated == 1) {
 		/* turn off userauth */
 		dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore);
@@ -348,7 +362,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 
 		/* Allow initial try of "none" auth without failure penalty */
 		if (!authctxt->server_caused_failure &&
-		    (authctxt->attempt > 1 || strcmp(method, "none") != 0))
+		    (authctxt->attempt > 1 || strcmp(method, "none") != 0) &&
+		    partial == 0)
 			authctxt->failures++;
 		if (authctxt->failures >= options.max_authtries) {
 #ifdef SSH_AUDIT_EVENTS
@@ -356,34 +371,61 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 #endif
 			packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
 		}
-		methods = authmethods_get();
+		methods = authmethods_get(authctxt);
+		debug3("%s: failure partial=%d next methods=\"%s\"", __func__,
+		    partial, methods);
 		packet_start(SSH2_MSG_USERAUTH_FAILURE);
 		packet_put_cstring(methods);
-		packet_put_char(0);	/* XXX partial success, unused */
+		packet_put_char(partial);
 		packet_send();
 		packet_write_wait();
 		xfree(methods);
 	}
 }
 
+/*
+ * Checks whether method is allowed by at least one AuthenticationMethods
+ * methods list. Returns 1 if allowed, or no methods lists configured.
+ * 0 otherwise.
+ */
+static int
+method_allowed(Authctxt *authctxt, const char *method)
+{
+	u_int i;
+
+	/*
+	 * NB. authctxt->num_auth_methods might be zero as a result of
+	 * auth2_setup_methods_lists(), so check the configuration.
+	 */
+	if (options.num_auth_methods == 0)
+		return 1;
+	for (i = 0; i < authctxt->num_auth_methods; i++) {
+		if (list_starts_with(authctxt->auth_methods[i], method))
+			return 1;
+	}
+	return 0;
+}
+
 static char *
-authmethods_get(void)
+authmethods_get(Authctxt *authctxt)
 {
 	Buffer b;
 	char *list;
-	int i;
+	u_int i;
 
 	buffer_init(&b);
 	for (i = 0; authmethods[i] != NULL; i++) {
 		if (strcmp(authmethods[i]->name, "none") == 0)
 			continue;
-		if (authmethods[i]->enabled != NULL &&
-		    *(authmethods[i]->enabled) != 0) {
-			if (buffer_len(&b) > 0)
-				buffer_append(&b, ",", 1);
-			buffer_append(&b, authmethods[i]->name,
-			    strlen(authmethods[i]->name));
-		}
+		if (authmethods[i]->enabled == NULL ||
+		    *(authmethods[i]->enabled) == 0)
+			continue;
+		if (!method_allowed(authctxt, authmethods[i]->name))
+			continue;
+		if (buffer_len(&b) > 0)
+			buffer_append(&b, ",", 1);
+		buffer_append(&b, authmethods[i]->name,
+		    strlen(authmethods[i]->name));
 	}
 	buffer_append(&b, "\0", 1);
 	list = xstrdup(buffer_ptr(&b));
@@ -392,7 +434,7 @@ authmethods_get(void)
 }
 
 static Authmethod *
-authmethod_lookup(const char *name)
+authmethod_lookup(Authctxt *authctxt, const char *name)
 {
 	int i;
 
@@ -400,10 +442,152 @@ authmethod_lookup(const char *name)
 		for (i = 0; authmethods[i] != NULL; i++)
 			if (authmethods[i]->enabled != NULL &&
 			    *(authmethods[i]->enabled) != 0 &&
-			    strcmp(name, authmethods[i]->name) == 0)
+			    strcmp(name, authmethods[i]->name) == 0 &&
+			    method_allowed(authctxt, authmethods[i]->name))
 				return authmethods[i];
 	debug2("Unrecognized authentication method name: %s",
 	    name ? name : "NULL");
 	return NULL;
 }
 
+/*
+ * Check a comma-separated list of methods for validity. Is need_enable is
+ * non-zero, then also require that the methods are enabled.
+ * Returns 0 on success or -1 if the methods list is invalid.
+ */
+int
+auth2_methods_valid(const char *_methods, int need_enable)
+{
+	char *methods, *omethods, *method;
+	u_int i, found;
+	int ret = -1;
+
+	if (*_methods == '\0') {
+		error("empty authentication method list");
+		return -1;
+	}
+	omethods = methods = xstrdup(_methods);
+	while ((method = strsep(&methods, ",")) != NULL) {
+		for (found = i = 0; !found && authmethods[i] != NULL; i++) {
+			if (strcmp(method, authmethods[i]->name) != 0)
+				continue;
+			if (need_enable) {
+				if (authmethods[i]->enabled == NULL ||
+				    *(authmethods[i]->enabled) == 0) {
+					error("Disabled method \"%s\" in "
+					    "AuthenticationMethods list \"%s\"",
+					    method, _methods);
+					goto out;
+				}
+			}
+			found = 1;
+			break;
+		}
+		if (!found) {
+			error("Unknown authentication method \"%s\" in list",
+			    method);
+			goto out;
+		}
+	}
+	ret = 0;
+ out:
+	free(omethods);
+	return ret;
+}
+
+/*
+ * Prune the AuthenticationMethods supplied in the configuration, removing
+ * any methods lists that include disabled methods. Note that this might
+ * leave authctxt->num_auth_methods == 0, even when multiple required auth
+ * has been requested. For this reason, all tests for whether multiple is
+ * enabled should consult options.num_auth_methods directly.
+ */
+int
+auth2_setup_methods_lists(Authctxt *authctxt)
+{
+	u_int i;
+
+	if (options.num_auth_methods == 0)
+		return 0;
+	debug3("%s: checking methods", __func__);
+	authctxt->auth_methods = xcalloc(options.num_auth_methods,
+	    sizeof(*authctxt->auth_methods));
+	authctxt->num_auth_methods = 0;
+	for (i = 0; i < options.num_auth_methods; i++) {
+		if (auth2_methods_valid(options.auth_methods[i], 1) != 0) {
+			logit("Authentication methods list \"%s\" contains "
+			    "disabled method, skipping",
+			    options.auth_methods[i]);
+			continue;
+		}
+		debug("authentication methods list %d: %s",
+		    authctxt->num_auth_methods, options.auth_methods[i]);
+		authctxt->auth_methods[authctxt->num_auth_methods++] =
+		    xstrdup(options.auth_methods[i]);
+	}
+	if (authctxt->num_auth_methods == 0) {
+		error("No AuthenticationMethods left after eliminating "
+		    "disabled methods");
+		return -1;
+	}
+	return 0;
+}
+
+static int
+list_starts_with(const char *methods, const char *method)
+{
+	size_t l = strlen(method);
+
+	if (strncmp(methods, method, l) != 0)
+		return 0;
+	if (methods[l] != ',' && methods[l] != '\0')
+		return 0;
+	return 1;
+}
+
+/*
+ * Remove method from the start of a comma-separated list of methods.
+ * Returns 0 if the list of methods did not start with that method or 1
+ * if it did.
+ */
+static int
+remove_method(char **methods, const char *method)
+{
+	char *omethods = *methods;
+	size_t l = strlen(method);
+
+	if (!list_starts_with(omethods, method))
+		return 0;
+	*methods = xstrdup(omethods + l + (omethods[l] == ',' ? 1 : 0));
+	free(omethods);
+	return 1;
+}
+
+/*
+ * Called after successful authentication. Will remove the successful method
+ * from the start of each list in which it occurs. If it was the last method
+ * in any list, then authentication is deemed successful.
+ * Returns 1 if the method completed any authentication list or 0 otherwise.
+ */
+int
+auth2_update_methods_lists(Authctxt *authctxt, const char *method)
+{
+	u_int i, found = 0;
+
+	debug3("%s: updating methods list after \"%s\"", __func__, method);
+	for (i = 0; i < authctxt->num_auth_methods; i++) {
+		if (!remove_method(&(authctxt->auth_methods[i]), method))
+			continue;
+		found = 1;
+		if (*authctxt->auth_methods[i] == '\0') {
+			debug2("authentication methods list %d complete", i);
+			return 1;
+		}
+		debug3("authentication methods list %d remaining: \"%s\"",
+		    i, authctxt->auth_methods[i]);
+	}
+	/* This should not happen, but would be bad if it did */
+	if (!found)
+		fatal("%s: method not in AuthenticationMethods", __func__);
+	return 0;
+}
diff --git a/monitor.c b/monitor.c
index 1dc42f5..66f3eea 100644
--- a/monitor.c
+++ b/monitor.c
@@ -199,6 +199,7 @@ static int key_blobtype = MM_NOKEY;
 static char *hostbased_cuser = NULL;
 static char *hostbased_chost = NULL;
 static char *auth_method = "unknown";
+static char *auth_submethod = NULL;
 static u_int session_id2_len = 0;
 static u_char *session_id2 = NULL;
 static pid_t monitor_child_pid;
@@ -352,7 +353,7 @@ void
 monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
 {
 	struct mon_table *ent;
-	int authenticated = 0;
+	int authenticated = 0, partial = 0;
 
 	debug3("preauth child monitor started");
 
@@ -379,8 +380,26 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
 
 	/* The first few requests do not require asynchronous access */
 	while (!authenticated) {
+		partial = 0;
 		auth_method = "unknown";
+		auth_submethod = NULL;
 		authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
+
+		/* Special handling for multiple required authentications */
+		if (options.num_auth_methods != 0) {
+			if (!compat20)
+				fatal("AuthenticationMethods is not supported"
+				    "with SSH protocol 1");
+			if (authenticated &&
+			    !auth2_update_methods_lists(authctxt,
+			    auth_method)) {
+				debug3("%s: method %s: partial", __func__,
+				    auth_method);
+				authenticated = 0;
+				partial = 1;
+			}
+		}
+
 		if (authenticated) {
 			if (!(ent->flags & MON_AUTHDECIDE))
 				fatal("%s: unexpected authentication from %d",
@@ -403,9 +422,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
 		}
 
 		if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) {
-			auth_log(authctxt, authenticated, auth_method,
+			auth_log(authctxt, authenticated, partial,
+			    auth_method, auth_submethod,
 			    compat20 ? " ssh2" : "");
-			if (!authenticated)
+			if (!authenticated && !partial)
 				authctxt->failures++;
 		}
 #ifdef JPAKE
@@ -781,7 +801,17 @@ mm_answer_pwnamallow(int sock, Buffer *m)
 	COPY_MATCH_STRING_OPTS();
 #undef M_CP_STROPT
 #undef M_CP_STRARRAYOPT
-	
+
+	/* Create valid auth method lists */
+	if (compat20 && auth2_setup_methods_lists(authctxt) != 0) {
+		/*
+		 * The monitor will continue long enough to let the child
+		 * run to it's packet_disconnect(), but it must not allow any
+		 * authentication to succeed.
+		 */
+		debug("%s: no valid authentication method lists", __func__);
+	}
+
 	debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
 	mm_request_send(sock, MONITOR_ANS_PWNAM, m);
 
@@ -918,7 +948,11 @@ mm_answer_bsdauthrespond(int sock, Buffer *m)
 	debug3("%s: sending authenticated: %d", __func__, authok);
 	mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m);
 
-	auth_method = "bsdauth";
+	if (compat20)
+		auth_method = "keyboard-interactive"; /* XXX auth_submethod */
+	else
+		auth_method = "bsdauth";
+
 
 	return (authok != 0);
 }
@@ -1057,7 +1091,9 @@ mm_answer_pam_query(int sock, Buffer *m)
 		xfree(prompts);
 	if (echo_on != NULL)
 		xfree(echo_on);
-	auth_method = "keyboard-interactive/pam";
+	auth_method = "keyboard-interactive";
+	auth_submethod = "pam";
+
 	mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m);
 	return (0);
 }
@@ -1086,7 +1122,8 @@ mm_answer_pam_respond(int sock, Buffer *m)
 	buffer_clear(m);
 	buffer_put_int(m, ret);
 	mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m);
-	auth_method = "keyboard-interactive/pam";
+	auth_method = "keyboard-interactive";
+	auth_submethod= "pam";
 	if (ret == 0)
 		sshpam_authok = sshpam_ctxt;
 	return (0);
@@ -1100,7 +1137,8 @@ mm_answer_pam_free_ctx(int sock, Buffer *m)
 	(sshpam_device.free_ctx)(sshpam_ctxt);
 	buffer_clear(m);
 	mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m);
-	auth_method = "keyboard-interactive/pam";
+	auth_method = "keyboard-interactive";
+	auth_submethod = "pam";
 	return (sshpam_authok == sshpam_ctxt);
 }
 #endif
@@ -1178,7 +1216,8 @@ mm_answer_keyallowed(int sock, Buffer *m)
 		hostbased_chost = chost;
 	} else {
 		/* Log failed attempt */
-		auth_log(authctxt, 0, auth_method, compat20 ? " ssh2" : "");
+		auth_log(authctxt, 0, 0, auth_method, NULL,
+		    compat20 ? " ssh2" : "");
 		xfree(blob);
 		xfree(cuser);
 		xfree(chost);
diff --git a/servconf.c b/servconf.c
index 906778f..2c84993 100644
--- a/servconf.c
+++ b/servconf.c
@@ -48,6 +48,8 @@
 #include "groupaccess.h"
 #include "canohost.h"
 #include "packet.h"
+#include "hostfile.h"
+#include "auth.h"
 
 static void add_listen_addr(ServerOptions *, char *, int);
 static void add_one_listen_addr(ServerOptions *, char *, int);
@@ -329,6 +331,7 @@ typedef enum {
 	sZeroKnowledgePasswordAuthentication, sHostCertificate,
 	sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
 	sKexAlgorithms, sIPQoS, sVersionAddendum,
+	sAuthenticationMethods,
 	sDeprecated, sUnsupported
 } ServerOpCodes;
 
@@ -454,6 +457,7 @@ static struct {
 	{ "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
 	{ "ipqos", sIPQoS, SSHCFG_ALL },
 	{ "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
+	{ "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
 	{ NULL, sBadOption, 0 }
 };
 
@@ -1498,6 +1502,24 @@ process_server_config_line(ServerOptions *options, char *line,
 		}
 		return 0;
 
+	case sAuthenticationMethods:
+		if (*activep && options->num_auth_methods == 0) {
+			while ((arg = strdelim(&cp)) && *arg != '\0') {
+				if (options->num_auth_methods >=
+				    MAX_AUTH_METHODS)
+					fatal("%s line %d: "
+					    "too many authentication methods.",
+					    filename, linenum);
+				if (auth2_methods_valid(arg, 0) != 0)
+					fatal("%s line %d: invalid "
+					    "authentication method list.",
+					    filename, linenum);
+				options->auth_methods[
+				    options->num_auth_methods++] = xstrdup(arg);
+			}
+		}
+		return 0;
+
 	case sDeprecated:
 		logit("%s line %d: Deprecated option %s",
 		    filename, linenum, arg);
@@ -1925,6 +1947,8 @@ dump_config(ServerOptions *o)
 	dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
 	dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
 	dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);
+	dump_cfg_strarray_oneline(sAuthenticationMethods,
+		o->num_auth_methods, o->auth_methods);
 
 	/* other arguments */
 	for (i = 0; i < o->num_subsystems; i++)
diff --git a/servconf.h b/servconf.h
index 096d596..ef80eef 100644
--- a/servconf.h
+++ b/servconf.h
@@ -28,6 +28,7 @@
 #define MAX_ACCEPT_ENV		256	/* Max # of env vars. */
 #define MAX_MATCH_GROUPS	256	/* Max # of groups for Match. */
 #define MAX_AUTHKEYS_FILES	256	/* Max # of authorized_keys files. */
+#define MAX_AUTH_METHODS	256	/* Max # of AuthenticationMethods. */
 
 /* permit_root_login */
 #define	PERMIT_NOT_SET		-1
@@ -168,6 +169,9 @@ typedef struct {
 	char   *authorized_principals_file;
 
 	char   *version_addendum;	/* Appended to SSH banner */
+
+	u_int	num_auth_methods;
+	char   *auth_methods[MAX_AUTH_METHODS];
 }       ServerOptions;
 
 /* Information about the incoming connection as used by Match */
@@ -197,6 +201,7 @@ struct connection_info {
 		M_CP_STRARRAYOPT(allow_groups, num_allow_groups); \
 		M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \
 		M_CP_STRARRAYOPT(accept_env, num_accept_env); \
+		M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \
 	} while (0)
 
 struct connection_info *get_connection_info(int, int);
diff --git a/sshd.c b/sshd.c
index d5ec4e6..cb4bdd3 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1333,6 +1333,7 @@ main(int ac, char **av)
 	int remote_port;
 	char *line;
 	int config_s[2] = { -1 , -1 };
+	u_int n;
 	u_int64_t ibytes, obytes;
 	mode_t new_umask;
 	Key *key;
@@ -1555,6 +1556,26 @@ main(int ac, char **av)
 	if (options.challenge_response_authentication)
 		options.kbd_interactive_authentication = 1;
 
+	/*
+	 * Check whether there is any path through configured auth methods.
+	 * Unfortunately it is not possible to verify this generally before
+	 * daemonisation in the presence of Match block, but this catches
+	 * and warns for trivial misconfigurations that could break login.
+	 */
+	if (options.num_auth_methods != 0) {
+		if ((options.protocol & SSH_PROTO_1))
+			fatal("AuthenticationMethods is not supported with "
+			    "SSH protocol 1");
+		for (n = 0; n < options.num_auth_methods; n++) {
+			if (auth2_methods_valid(options.auth_methods[n],
+			    1) == 0)
+				break;
+		}
+		if (n >= options.num_auth_methods)
+			fatal("AuthenticationMethods cannot be satisfied by "
+			    "enabled authentication methods");
+	}
+
 	/* set default channel AF */
 	channel_set_af(options.address_family);
 
diff --git a/sshd_config.5 b/sshd_config.5
index 314ecfb..ed81ac8 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -151,6 +151,28 @@ See
 in
 .Xr ssh_config 5
 for more information on patterns.
+.It Cm AuthenticationMethods
+Specifies the authentication methods that must be successfully completed
+for a user to be granted access.
+This option must be followed by one or more comma-separated lists of
+authentication method names.
+Successful authentication requires completion of every method in at least
+one of these lists.
+.Pp
+For example, an argument of
+.Dq publickey,password publickey,keyboard-interactive
+would require the user to complete public key authentication, followed by
+either password or keyboard interactive authentication.
+Only methods that are next in one or more lists are offered at each stage,
+so for this example, it would not be possible to attempt password or
+keyboard-interactive authentication before public key.
+.Pp
+This option is only available for SSH protocol 2 and will yield a fatal
+error if enabled if protocol 1 is also enabled.
+Note that each authentication method listed should also be explicitly enabled
+in the configuration.
+The default is not to require multiple authentication; successful completion
+of a single authentication method is sufficient.
 .It Cm AuthorizedKeysFile
 Specifies the file that contains the public keys that can be used
 for user authentication.
@@ -711,6 +733,7 @@ Available keywords are
 .Cm AllowGroups ,
 .Cm AllowTcpForwarding ,
 .Cm AllowUsers ,
+.Cm AuthenticationMethods ,
 .Cm AuthorizedKeysFile ,
 .Cm AuthorizedPrincipalsFile ,
 .Cm Banner ,