[
https://issues.apache.org/jira/browse/SSHD-930?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16883890#comment-16883890
]
Goldstein Lyor commented on SSHD-930:
-------------------------------------
{quote}
Perhaps the simplest might be to factor out the proxy initialization from
`sendClientIdentification()` and invoke it unconditionally in the constructor
before starting the SSH protocol.
{quote}
Sounds like a good idea...
{quote}
Finally, I'm not convinced sending the client's identification only once the
server's banner has been received is really a good idea. First, OpenSSH doesn't
do so; each side always sends its own identification first and then waits for
the peer's; see the OpenSSH sources. Second, if the client waits first for the
server, is there a timeout for this wait?
{quote}
Very good point
{quote}
If that Cisco device can be connected to with normal OpenSSH, then I guess the
problem is not the order of these identifications at all. (Don't know where,
though.)
{quote}
I tend to agree - however, I do prefer having our code provide enough
flexibility for non-standard uses - though not at the expenses of its
robustness - as your excellent observations point out. I will re-think this
patch along the lines you suggested.
> Send the client version string after receiving the version string of the
> server
> -------------------------------------------------------------------------------
>
> Key: SSHD-930
> URL: https://issues.apache.org/jira/browse/SSHD-930
> Project: MINA SSHD
> Issue Type: Improvement
> Affects Versions: 2.2.0
> Reporter: Zhenliang Su
> Assignee: Goldstein Lyor
> Priority: Major
> Fix For: 2.3.1
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> The rfc4253 does not indicate whether the ssh client must send its own
> version number right after receiving the version number of the server.
> I have encountered a situation where mina-sshd is used to connect to cisco's
> sshd service, sometimes it can be connected, sometimes not connected.
> Some rules are found by capturing packets. If the client sends its own
> version number after receiving the version number of the server, it can be
> connected. If the client sends its own version number before receiving the
> version number of the server, then it will not be connected.
> I think, a better way is to change the SshClient code to send the version
> number of the client right after receiving the version number of the server.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
