tomaswolf commented on issue #263: URL: https://github.com/apache/mina-sshd/issues/263#issuecomment-2268364233
@116-7 I've never seen this in any Apache MINA sshd version. In any case it would be unrelated to the race condition mentioned in this issue. We _did_ have one report of what you describe: [SSHD-1204](https://issues.apache.org/jira/browse/SSHD-1204), but it involved an unknown server behind a Palto Alto Networks firewall appliance that identified as "SSH2.0-PaloAltoNetworks_0.2" and an Apache MINA sshd _client_. With a packet trace obtained via Wireshark we were able to prove that this server did send its initial key exchange proposal first, and only afterwards the protocol negotiation, i.e., its identification string. (The packet traces are attached to that issue SSHD-1204.) This firewall thing appeared to be a decrypting SSH proxy, so it's most likely the fault of that Palo Alto firewall, not of whatever server was behind it. Other people also had [trouble with that firewall](https://tanzu.vmware.com/content/pivotal-engineering-journal/troubleshooting-obscure-openssh-failures-2). If you can provide a Wireshark packet trace of the first few packets, which are unencrypted, I could take a look to see if your case is similar. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
