Hi,

I am taking part in the development of lsh, a GPLed secsh implementation. While testing the interoperability between lsh and ssh2, I found the following problems. All the below problems have workarounds in lsh, but for better standards compliance, these should be fixed:

1) Signature blobs are different than specified in the draft (I've reported this problem already)

2) SSH_MSG_SERVICE_ACCEPT message is specified in the draft as:

     byte      SSH_MSG_SERVICE_ACCEPT
     string    service name

   The service name field is not sent & expected by ssh2.

3) SSH_MSG_DEBUG

   If an SSH_MSG_DEBUG message is sent to the server/client immediately after keyexchange (as was done in lsh for debugging reasons), the client silently exits without an error message, and the server drops the connection.

The first two issues can easily be reproduced. To reproduce the third one, download lsh with the workaround patches from: http://www.balabit.hu/downloads/lsh/, and readd this line to client_keyexchange.c & server_keyexchange.c:

     /* res |= send_verbose(connection->write, "Key exchange successful!", 0); */

Since the topic is not related to the environment I compiled ssh2 on, I don't include config.log nor environment details.

--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
url: http://www.balabit.hu/pgpkey.txt
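
The interoperability check behind item 2, as an added example that is not part of the original message and is not lsh's or ssh2's code: it classifies an SSH_MSG_SERVICE_ACCEPT payload as the draft form (byte plus string service name), the short form with no service name, or malformed. The function name, result codes and sample payloads are assumptions made for this illustration; the message number 6 and the "ssh-userauth" service name come from the SSH protocol specifications, not from the message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SSH_MSG_SERVICE_ACCEPT 6 /* message number in the SSH transport protocol */

enum accept_result {            /* hypothetical result codes for this example */
    ACCEPT_OK = 0,              /* draft form, name equals the requested service */
    ACCEPT_NO_NAME = 1,         /* message byte only: the behaviour reported in item 2 */
    ACCEPT_MISMATCH = -1,       /* name present but for a different service */
    ACCEPT_MALFORMED = -2       /* wrong type, truncated string or trailing bytes */
};

/* Constructed sample payloads (already decrypted and unpadded), not captured traffic. */
static const uint8_t sample_draft[] = { 6, 0, 0, 0, 12,
    's', 's', 'h', '-', 'u', 's', 'e', 'r', 'a', 'u', 't', 'h' };
static const uint8_t sample_short[] = { 6 };
static const uint8_t sample_truncated[] = { 6, 0, 0, 0, 12, 's', 's', 'h' };

/* Classify a payload against the format "byte SSH_MSG_SERVICE_ACCEPT, string service name". */
enum accept_result check_service_accept(const uint8_t *p, size_t len, const char *requested)
{
    if (len < 1 || p[0] != SSH_MSG_SERVICE_ACCEPT)
        return ACCEPT_MALFORMED;
    if (len == 1)
        return ACCEPT_NO_NAME;          /* peer omitted the service name field */
    if (len < 5)
        return ACCEPT_MALFORMED;        /* not enough bytes for the uint32 length */
    /* An SSH "string" is a big-endian uint32 length followed by that many bytes. */
    uint32_t n = ((uint32_t)p[1] << 24) | ((uint32_t)p[2] << 16) |
                 ((uint32_t)p[3] << 8) | (uint32_t)p[4];
    if (n != len - 5)
        return ACCEPT_MALFORMED;        /* length field must cover the rest exactly */
    if (n != strlen(requested) || memcmp(p + 5, requested, n) != 0)
        return ACCEPT_MISMATCH;
    return ACCEPT_OK;
}

int main(void)
{
    const char *svc = "ssh-userauth";
    printf("draft form: %d\n", (int)check_service_accept(sample_draft, sizeof sample_draft, svc));
    printf("short form: %d\n", (int)check_service_accept(sample_short, sizeof sample_short, svc));
    printf("truncated:  %d\n", (int)check_service_accept(sample_truncated, sizeof sample_truncated, svc));
    return 0;
}
```

Returning a distinct ACCEPT_NO_NAME code lets the caller log the deviation and decide by policy whether to continue, instead of silently treating the short form as compliant.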
