keyboard-interactive duplicates & signs and adds > sign
|Reported by:||Janos Pasztor||Owned by:|
|Component version:||3.53.1||Operating system type:||Windows|
|Operating system version:||10.0.19041 Build 19041|
Description (last modified by )
When an SSH server issues a keyboard-interactive authentication to the client and the "instruction" field contains an & (and) sign (e.g. in an URL) the and sign is duplicated. Furthermore, it adds a > sign after a certain length.
| Please visit the following link to authenticate: | https://github.com/login/oauth/authorize?client_id=063fe6a5dd3849276f35&&login > =janoszen&&response_type=code&&state=73aaa57b018e4119a381da7b5a0fc06e | Please enter the code received:
Welcome to ContainerSSH! Please visit the following link to authenticate: https://github.com/login/oauth/authorize?client_id=063fe6a5dd3849276f35&login=janoszen&response_type=code&state=b7d0a882dae24d32b000993522b80dbf Please enter the code received:
Please remove extra formatting from the challenge so links can be properly utilized.
Context: I'm the author of ContainerSSH and we are implementing OAuth2 authentication for SSH. The binaries for this feature are not released yet, but I'm happy to provide a testing server if needed.