[Bug 1067] ssh-keyscan does not work with F-Secure SSH 3.2.0 sometimes
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Aug 9 21:24:51 EST 2005
http://bugzilla.mindrot.org/show_bug.cgi?id=1067
Summary: ssh-keyscan does not work with F-Secure SSH 3.2.0
sometimes
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: bitbucket at mindrot.org
ReportedBy: dave at cirt.net
For some obscure reason F-Secure's SSH 3.2.0 redirects warnings down the
connection stream, so when you do a ssh connect you will have a response like:
sshd2[4036]: WARNING: Configuration option SshPAMClientPath is deprecated.
sshd2[4036]: WARNING: DNS lookup failed for "1.1.1.1".
SSH-2.0-3.2.0 F-SECURE SSH
ssh-keyscan, in the function "congreet" only examines the first line for the SSH
banner. This is different behaviour to the ssh connect command (which checks all
lines in the first 256 bytes) for the SSH banner.
Because of this you cannot use ssh-keyscan against hosts running this flavour of
SSH unless all of the warnings are cleared.
(There may also be a knock on effect to the ssh command if there are a lot of
warnings)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list