Ugly patch to openssh-1.2pre15

Markus Friedl Markus.Friedl at
Tue Dec 7 03:20:04 EST 1999

On Mon, Dec 06, 1999 at 10:53:56AM -0500, David F. Skoll wrote:
> I am behind a firewall which does not permit connections to port 22, so I
> run my ssh server on port 23. :-)  Unfortunately, the stupid firewall
> prints a few lines of junk when you make a connection to port 23 before
> actually starting the connection.  This confuses ssh.
> Attached is an (ugly) patch against openssh-1.2pre15 which makes it ignore
> a configurable number of lines while looking for the SSH-%d-%d
> identification string.  If you think it's worth including this hack in the
> official version, feel free. :-)

i think, the right way to fix this is by using a proxy-command that
eats the bogus greeting. you don't want to touch ssh for this.

a friend of mine lived behind a firewall that injected telnet commands like
for port 23. we used this perl-script and ProxyCommand

% cat .ssh/config
Host bla
	ProxyCommand /blabla/bin/ %h %p
% cat /blabla/bin/
#!/usr/bin/perl -w
# Usage: ProxyCommand /path/bin/ %h %p


sub dial{
	require 'sys/'; # perl4
	# don't touch!
	local($thathost, $port, $name, $aliases, $proto, $type, $len);
	local($thataddr, $sockaddr, $that);
	($thathost, $port)=split(/:/,"@_");
        print STDERR "tunnel: trying $thathost port $port... " if $debug;
	$sockaddr = 'S n a4 x8';
	($name, $aliases, $proto) = getprotobyname('tcp');
	($name, $aliases, $type, $len, $thataddr) = gethostbyname($thathost);
	$that = pack($sockaddr, &AF_INET, $port, $thataddr);
	socket(SOCK, &PF_INET, &SOCK_STREAM, $proto) || die "socket: $!";
	connect(SOCK, $that) || die "connect: $!";
        print STDERR "connected\n" if $debug;

if($#ARGV !=1){
    print STDERR "usage: $0 destination port\n";


select(SOCK); $| = 1;
select(STDOUT); $| = 1;

# wait for banner: SSH-
	$magic .= $buf;
	if($buf eq "S"){
		$magic .= $buf;
		if($buf eq "SH-"){
			print STDERR "tunnel: MAGIC $read bytes\n" if $debug;
			print STDERR "tunnel: pre-MAGIC: $magic\n" if $debug;
			while($magic =~ /(.)/g){
				printf STDERR "%x ",ord($1) if $debug;
			print STDERR "\n" if $debug;
			print STDOUT ("SSH-");

if($child = fork){
		print SOCK ($buf);
	sleep 2;
	kill(15,$child) if $child;
		print STDOUT ($buf);
% ssh -v -p 23 bla

More information about the openssh-unix-dev mailing list