On Mon, May 04, 2015 at 09:23:53PM -0700, [email protected] wrote:
> We follow -current on amd64, upgrading about once a month.
Thanks!
[...]
> debug1: Client protocol version 2.0; client software version
> WinSCP_release_5.7.2
[...]
> Hm, kex protocol error: type 30 seq 1 [preauth]
message type 30 is the pre-RFC4419 group exchange message. Since
RFC4419 was published nearly 10 years ago support for the
non-standardized message was recently removed from OpenSSH.
> What did we break and how can we fix it?
Please try this patch on your server.
Index: compat.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/compat.c,v
retrieving revision 1.91
diff -u -p -r1.91 compat.c
--- compat.c 4 May 2015 06:10:48 -0000 1.91
+++ compat.c 5 May 2015 04:33:04 -0000
@@ -177,6 +177,7 @@ compat_datafellows(const char *version)
"TTSSH/2.70*,"
"TTSSH/2.71*,"
"TTSSH/2.72*", SSH_BUG_HOSTKEYS },
+ { "WinSCP*", SSH_OLD_DHGEX },
{ NULL, 0 }
};
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
