Hi,
openssh can connect to cisco appliances and dbclient can't (but cisco ssh client can connect to dropbear).
Thanks to tcpdump I think that I found the problem:

openssh sends "SSH-2.0-OpenSSH_7.4\r\n"
cisco sends "SSH-2.0-Cisco-1.25\r\n"
openssh sends kexinit
cisco sends kexinit, then all runs fine.

dbclient sends "SSH-2.0-dropbear_2018.76\r\n" and kexinit
cisco sends "SSH-2.0-Cisco-1.25\r\n"
then cisco waits "ip ssh time-out" seconds and then closes the TCP socket.

My conjecture is that cisco empties its receive buffer after sending the identification string and then waits for the lost kexinit. To prove my idea I added a sleep() after the first write_packet(), and dbclient was able to connect to cisco (ios 12.4 and 15.1).

I took just a quick look at your sources and I think that waiting for an identification string before sending kexinit is a lot of work, am I right?

diff -Naubr dropbear-2018.76.old/packet.c dropbear-2018.76.new/packet.c
--- dropbear-2018.76.old/packet.c        2018-02-27 15:25:12.000000000 +0100
+++ dropbear-2018.76.new/packet.c        2018-11-13 14:52:43.696775952 +0100
@@ -54,10 +54,13 @@
 #endif

 /* non-blocking function writing out a current encrypted packet */
+int ciscobug = 1;
 void write_packet() {

         ssize_t written;
 #ifdef HAVE_WRITEV
+#endif
+#if defined(KEEP_CALM_AND_NEVER_USE_WRITEV)
         /* 50 is somewhat arbitrary */
         unsigned int iov_count = 50;
         struct iovec iov[50];
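
Review bot: the added `#endif` directly after `#ifdef HAVE_WRITEV` leaves an empty block, and the `iov` declarations are now guarded by `KEEP_CALM_AND_NEVER_USE_WRITEV`, which nothing in this patch defines, so the writev() path is compiled out for every peer instead of only the affected one. If the aim is to push just the first packet through the write() path, decide that at run time and keep the original guard. Separately, `int ciscobug = 1;` sits between the function comment and `write_packet()` and has external linkage; make it `static` (or session state) and move it above the comment.
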
@@ -71,6 +74,8 @@
         dropbear_assert(!isempty(&ses.writequeue));

 #if defined(HAVE_WRITEV) && (defined(IOV_MAX) || defined(UIO_MAXIOV))
+#endif
+#if defined(KEEP_CALM_AND_NEVER_USE_WRITEV)

         packet_queue_to_iovec(&ses.writequeue, iov, &iov_count);
         /* This may return EAGAIN. The main loop sometimes
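
Review bot: the guard around `packet_queue_to_iovec()` no longer tests `HAVE_WRITEV` or `IOV_MAX`/`UIO_MAXIOV` at all, because that condition is closed by the added `#endif` and the body now depends only on `KEEP_CALM_AND_NEVER_USE_WRITEV`. Anyone who later defines that macro would enable the writev() code on a platform that lacks its prerequisites. Edit the condition in place (for example by adding a further `&&` term) instead of stacking an empty `#if`/`#endif` pair in front of a new one, and document the new macro.
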
@@ -106,6 +111,8 @@
         dropbear_assert(len > 0);
         /* Try to write as much as possible */
         written = write(ses.sock_out, buf_getptr(writebuf, len), len);
+sleep(ciscobug);
+ciscobug = 0;

         if (written < 0) {
                 if (errno == EINTR || errno == EAGAIN) {
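
Review bot: `sleep(ciscobug);` is placed between `write()` and the `if (written < 0)` check, so it stalls a function that the comment above describes as non-blocking for one second on its first call in every process, and it may change `errno` before the `EINTR`/`EAGAIN` test reads it. The flag is also cleared when that first write failed or returned `EAGAIN`, in which case the delay is spent without the data having gone out. A fixed delay only narrows the race; holding the first KEXINIT until the remote identification string has been received would address the conjecture directly. If a delay stays as a stopgap, move it after the error handling and indent the two lines like the surrounding code.
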

--
/\/ / /-<
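
The ordering problem conjectured in the message above, as an added example that is not part of the original post or of dropbear's code: a socketpair model in which the peer discards pending input right after sending its identification string. The names `kex_bytes_delivered` and `peer_ident_then_flush`, the peer model itself and the stand-in `KEX` packet are assumptions constructed for illustration; the example compares writing KEXINIT right behind the identification string with holding it until the peer's line has been read.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/socket.h>

/* Constructed stand-in for the first binary packet: payload byte 20 is
 * SSH_MSG_KEXINIT, the rest is filler and not a valid KEXINIT body. */
static const unsigned char KEX[16] = {0, 0, 0, 12, 10, 20};
static const char CLIENT_ID[] = "SSH-2.0-dropbear_2018.76\r\n";
static const char PEER_ID[] = "SSH-2.0-Cisco-1.25\r\n";

/* Read one identification line a byte at a time, so nothing after '\n' is consumed. */
static int read_ident(int fd, char *out, size_t cap) {
    size_t n = 0;
    while (n + 1 < cap) {
        if (read(fd, out + n, 1) != 1) return -1;
        if (out[n++] == '\n') { out[n] = '\0'; return (int)n; }
    }
    return -1; /* line longer than the buffer */
}

/* Model of the conjectured peer (an assumption, not observed code): send
 * the ident, then discard whatever is already in the receive buffer. */
static int peer_ident_then_flush(int fd) {
    char junk[256];
    if (write(fd, PEER_ID, sizeof PEER_ID - 1) < 0) return -1;
    while (recv(fd, junk, sizeof junk, MSG_DONTWAIT) > 0) { }
    return 0;
}

/* Returns how many KEXINIT bytes reach the modelled peer, or -1 on error.
 * wait_for_ident: 0 = KEXINIT right behind our ident, 1 = after peer's ident. */
int kex_bytes_delivered(int wait_for_ident) {
    int sv[2], rc = -1;
    char line[256], buf[256];
    ssize_t got;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    if (write(sv[0], CLIENT_ID, sizeof CLIENT_ID - 1) < 0) goto out;
    if (!wait_for_ident && write(sv[0], KEX, sizeof KEX) < 0) goto out;
    if (peer_ident_then_flush(sv[1]) < 0) goto out;
    if (read_ident(sv[0], line, sizeof line) < 0) goto out;
    if (wait_for_ident && write(sv[0], KEX, sizeof KEX) < 0) goto out;
    got = recv(sv[1], buf, sizeof buf, MSG_DONTWAIT);
    rc = got > 0 ? (int)got : 0;
out:
    close(sv[0]); close(sv[1]);
    return rc;
}
int main(void) {
    return printf("eager=%d waited=%d\n", kex_bytes_delivered(0), kex_bytes_delivered(1)) < 0;
}
```

In this model the ordering alone decides whether the packet survives, with no timing involved, which is the difference between waiting for the identification line and inserting a fixed sleep().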
