fix: enforce password login when public key authentication fails

OutOfBedlam · OutOfBedlam · commit fb70331df0e0 · 2026-03-12T16:22:34.000+09:00
diff --git a/mods/server/ssh.go b/mods/server/ssh.go
@@ -289,6 +289,7 @@ func (svr *sshd) publicKeyHandler(ctx ssh.Context, key ssh.PublicKey) bool {
 			// and then web terminal is connected with password?
 			// In this case, the ssh session should be updated with the password in the context.
 			svr.log.Tracef("'%s' login with public key, but password is not found in the auth server", user)
+			valid = false // force to login with password
 		}
 	}
 	return valid
@@ -394,19 +395,6 @@ func (svr *sshd) commandHandler(ss ssh.Session) {
 		return
 	}
 
-	// if cmd := ss.Command(); len(cmd) > 0 && cmd[0] == "jsh" {
-	// 	jsCmd := "@.js"
-	// 	jsArgs := []string{}
-	// 	if len(cmd) > 1 {
-	// 		jsCmd = cmd[1]
-	// 	}
-	// 	if len(cmd) > 2 {
-	// 		jsArgs = cmd[2:]
-	// 	}
-	// 	svr.jshHandler(ss, jsCmd, jsArgs, shell.Envs)
-	// 	return
-	// }
-
 	if shellId == model.SHELLID_SHELL {
 		shell.Envs = append(shell.Envs, fmt.Sprintf("NEOSHELL_USER=%s", user))
 		shell.Envs = append(shell.Envs, fmt.Sprintf("NEOSHELL_PASSWORD=%s", svr.authServer.neoShellAccount[strings.ToLower(user)]))
