secureCRT 3.3 -> openssh v3.7pl (checkpoint firewall)
Lou
lsolot at argoscomp.com
Thu Sep 16 01:32:02 EST 2004
Client - secureCRT 3.3 outside the firewall (Checkpoint)
Server - openssh v3.7 on an aix51 rs6k inside the fw
The firewall lets in the first packet but blocks the second with the
message: ssh 1.x not allowed. The connection gets reset. Here is the
trace from the client:
[SSH LOCAL ONLY] : Connect: 12.x.x.x:22 [direct]
[SSH LOCAL ONLY] : StateChange: SSH_STATE_UNINITIALIZED->SSH_STATE_CONNECTING
[SSH LOCAL ONLY] : State Change: SSH_STATE_CONNECTING->SSH_STATE_EXPECT_IDENTIFIER
[SSH LOCAL ONLY] : connected
[SSH LOCAL ONLY] : RECV : Remote Identifier = "SSH-2.0-OpenSSH_3.7p1"
[SSH LOCAL ONLY] : Autodetected Server Mode: IETF Draft Compliant
[SSH LOCAL ONLY] : SEND : KEXINIT
[SSH LOCAL ONLY] : StateChange: SSH_STATE_EXPECT_IDENTIFIER->SSH_STATE_INITIAL_KEYEXCHANGE
[SSH LOCAL ONLY] : State Change: SSH_STATE_INITIAL_KEYEXCHANGE->SSH_STATE_CLOSED
I know I have sshv2 selected on the client side. Plus, I don't have this
problem internally, with any other version of secureCRT, or any other
version of openssh. The secureCRT people seem to think the fw is having
a problem with the secureCRT 3.3 version string.
I would like to upgrade to secureCRT 4.1 but my boss wants me to find a
solution to this if possible to avoid having to upgrade. Any ideas?
Thanks,
Lou Solot
More information about the openssh-unix-dev
mailing list