[jira] [Commented] (SSHD-930) Send the client version string after receiving the version string of the server

Fri, 12 Jul 2019 01:50:06 -0700 


    [ 
https://issues.apache.org/jira/browse/SSHD-930?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16883638#comment-16883638
 ] 

Thomas Wolf commented on SSHD-930:
----------------------------------

Finally, I'm not convinced sending the client's identification only once the 
server's banner has been received is really a good idea. First, OpenSSH doesn't 
do so; each side always sends its own identification first and then waits for 
the peer's; see [the OpenSSH 
sources|https://github.com/openssh/openssh-portable/blob/4d28fa7/kex.c#L1110]. 
Second, if the client waits first for the server, is there a timeout for this 
wait?

If that Cisco device can be connected to with normal OpenSSH, then I guess the 
problem is not the order of these identifications at all. (Don't know where, 
though.)

> Send the client version string after receiving the version string of the 
> server
> -------------------------------------------------------------------------------
>
>                 Key: SSHD-930
>                 URL: https://issues.apache.org/jira/browse/SSHD-930
>             Project: MINA SSHD
>          Issue Type: Improvement
>    Affects Versions: 2.2.0
>            Reporter: Zhenliang Su
>            Assignee: Goldstein Lyor
>            Priority: Major
>             Fix For: 2.3.1
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> The rfc4253 does not indicate whether the ssh client must send its own 
> version number right after receiving the version number of the server.
> I have encountered a situation where mina-sshd is used to connect to cisco's 
> sshd service, sometimes it can be connected, sometimes not connected.
> Some rules are found by capturing packets. If the client sends its own 
> version number after receiving the version number of the server, it can be 
> connected. If the client sends its own version number before receiving the 
> version number of the server, then it will not be connected.
> I think, a better way is to change the SshClient code to send the version 
> number of the client right after receiving the version number of the server.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to