Scott Meeuwsen created SSHD-750:
-----------------------------------
Summary: Accept SSH clients advertising 1.99
Key: SSHD-750
URL: https://issues.apache.org/jira/browse/SSHD-750
Project: MINA SSHD
Issue Type: New Feature
Affects Versions: 1.6.0
Reporter: Scott Meeuwsen
Priority: Minor
I debated listing this as a bug, given clients advertising 1.99 are SSH 2.0
clients and are being rejected, I believe, somewhat accidentally. However, on
further research I see that the RFC doesn't really cover this situation (only
the opposite: a server advertising 1.99 to a 2.0 client). Ultimately, I do
think this should be supported given:
1) the server/client will still talk 2.0, nobody is suggesting adding a mode
whereby they talk 1.x, so there shouldn't be a security issue here
2) MINA SSH client already supports it (inverse situation), so this creates
alignment within the code between client/server capabilities
3) OpenSSH server supports it (not that everybody has to copy OpenSSH behavior,
but it is certainly a widely supported implementation to look for advice on how
to behave)
4) the patch is a one liner, easy to understand, and was easily tested (aka it
works)
Github pull request:
https://github.com/apache/mina-sshd/pull/31
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
