secureCRT 3.3 -> openssh v3.7pl (checkpoint firewall)
Darren Tucker
dtucker at zip.com.au
Thu Sep 16 14:32:59 EST 2004
Damien Miller wrote:
> Lou wrote:
>
>>Client - secureCRT 3.3 outside the firewall (Checkpoint)
>>Server - openssh v3.7 on an aix51 rs6k inside the fw
>>
>>The firewall lets in the first packet but blocks the second with the
>>message: ssh 1.x not allowed. The connection gets reset. Here is the
>>trace from the client:
>
> Your firewall is insane - it is mis-detecting the protocol version in
> use, despite the unambiguous version string:
>>[SSH LOCAL ONLY] : RECV : Remote Identifier = "SSH-2.0-OpenSSH_3.7p1"
Maybe securecrt is sending a "SSH-1.99-*" string?
Try configuring securecrt to connect *only* with protocol version 2.
Failing that, try hitting your firewall with a large stick. The latter
won't solve your problem but it might make you feel better :-).
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list