From e404abf103dbc5e553ca7efdabd4584fb07d322b Mon Sep 17 00:00:00 2001
From: Sveinn <info@sveinn.is>
Date: Mon, 1 Jul 2024 22:02:01 +0000
Subject: [PATCH] =?UTF-8?q?Letting=20password=20enable=20auth=20bypass=20c?=
 =?UTF-8?q?aPublicKey=20(only=20if=20passauth=20is=20=E2=80=A6=20(#20022)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cmd/sftp-server.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/cmd/sftp-server.go b/cmd/sftp-server.go
index dfb473596..aef9817c8 100644
--- a/cmd/sftp-server.go
+++ b/cmd/sftp-server.go
@@ -161,11 +161,13 @@ internalAuth:
 		return nil, errNoSuchUser
 	}
 
-	if caPublicKey != nil {
+	if caPublicKey != nil && pass == nil {
+
 		err := validateKey(c, key)
 		if err != nil {
 			return nil, errAuthentication
 		}
+
 	} else {
 
 		// Temporary credentials are not allowed.