password padding (Re: Possible problem with sshconnect1.c in openssh-2.5.1p2)

Markus Friedl Markus.Friedl at
Sat Mar 10 23:39:28 EST 2001

seems there are more servers affected.
what is the banner of the server if you
	telnet server 22


On Fri, Mar 09, 2001 at 04:26:33PM -0600, Michael Krivacek wrote:
>   Netscreen produces hardware encryption boxes which have the
> capability of being managed by SSH (protocol version 1.)  With the
> 2.3.0 series of OpenSSH I was able to access my Netscreen boxes
> fine.  However I was initially able to connect with the 2.5.1
> series.  I followed the source code and noticed a change in
> sshconnect1.c between 2.3.0 and 2.5.1.  In the function
> "try_password_authentication" the line:
>      packet_put_string(password, strlen(password));
> became:
>      ssh_put_password(password);

On Fri, Mar 09, 2001 at 03:52:28PM -0800, Byron Jennings wrote:
> I have the same problem connect to a vax. The vax (VMS) is using
> OSU_1.1 ssh.

More information about the openssh-unix-dev mailing list