Don't retry SSH connection when auth fails

[djjuhasz]

Authentication failures can not be resolved by retrying the connection with the same credentials.

[sevein]

LGTM, only one minor suggestion.

[sevein]

A possible alternative:

type AuthError struct {
	Reason string
}

func (e *AuthError) Error() string {
	return fmt.Sprintf("auth: %s", e.Reason)
}

func NewAuthError(err error) error {
	return &AuthError{Reason: err.Error()}
}

This version:

• Doesn't use Unwrap because we don't need to give access to the underlying error.
• Uses the error type in the constructor signature, see https://go.dev/doc/faq#nil_error:

  It's a good idea for functions that return errors always to use the error type in their signature rather than a concrete type such as *MyError, to help guarantee the error is created correctly. As an example, os.Open returns an error even though, if not nil, it's always of concrete type *os.PathError.

I think that we'd want the function to return a concrete type (*AuthError) if we were doing some performance-focused work, e.g. https://github.com/connectrpc/connect-go/blob/d88758dc0e89170db922ecd20f16cec57662ec23/error.go#L117-L128 could be a good example where the design was driven by performance objectives, like avoiding memory allocations. This is a guess though, not entirely sure.

[djjuhasz]

@sevein does Reason need to be exported?

[djjuhasz]

Exporting the Reason field does have the nice benefit of being able to set an arbitrary string without having to create an error first, e.g.

e := &sftp.AuthError{Reason: "bad password"}

vs.

e := sftp.NewAuthError(errors.New("bad password"))

[sevein]

Looks like this was accidentally changed!

[djjuhasz]

Oops! 🤦