Sending SSH_MSG_DISCONNECT before dropping connections
olle ollesson
bpsr77 at hotmail.com
Fri Dec 2 08:32:37 EST 2005
Hi again,
Thanks for the clarifcation Markus. Now the natural next question:
Is there any reason to why OpenSSH does not do it that way, that is, sens
SSH_MSG_DISCONNECT with an SSH_DISCONNECT_TOO_MANY_CONNECTIONS reason code
before closing the socket when the max number of allowed sessions has been
reached? What are the pros and cons in doing so?
Here's my two cents
Pros:
>From a client perspective it would be really valuable (at least to me) to
get an indication to why the connection setup attempt failed. Note, there
could be other reasons besides too many connection like for example
SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT which could be handled in the
same way.
Cons:
The "Protocol Version Exchange" messages needs to be sent first.
Thanks in advance.
Best Regards,
Olle
>From: Markus Friedl <markus at openbsd.org>
>To: olle ollesson <bpsr77 at hotmail.com>
>CC: openssh-unix-dev at mindrot.org
>Subject: Re: Sending SSH_MSG_DISCONNECT before dropping connections
>Date: Thu, 1 Dec 2005 19:56:43 +0100
>
>On Thu, Dec 01, 2005 at 06:03:08PM +0100, olle ollesson wrote:
> > The draft says it can be sent at any time. Can we send it before the
> > "Protocol Version Exchange"?
> no
> > Before the Key Exchange?
> yes
>
>_______________________________________________
>openssh-unix-dev mailing list
>openssh-unix-dev at mindrot.org
>http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
More information about the openssh-unix-dev
mailing list