SSH to OAG Management Console Failing with Error: "Received disconnect from <OAG_IP> port 22:2: Too many authentication failures Disconnected from <OAG_IP> port 22"
Nov 24, 2025
Okta Classic Engine
Access Gateway
Okta Identity Engine
Overview
When attempting to SSH to the OAG management console, the access fails with the following SSH error:
Received disconnect from <OAG_IP> port 22:2: Too many authentication failures Disconnected from <OAG_IP> port 22
Applies To
- Okta Access Gateway (OAG)
Cause
This error indicates that the SSH client, especially when using an ssh-agent, might be offering numerous SSH keys to the server in an attempt to authenticate, and the number of keys offered exceeds the server's MaxAuthTries limit before the correct key is presented (or before a password prompt is given).
Solution
Login with the following command:
ssh -o IdentitiesOnly=yes oag-mgmt@<OAG_IP>
The IdentitiesOnly=yes option ensures that only the identities explicitly configured are offered, ignoring other keys.
